OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome_elf/chrome_elf_util.h" | 5 #include "chrome_elf/chrome_elf_util.h" |
6 | 6 |
7 #include <assert.h> | 7 #include <assert.h> |
8 #include <windows.h> | |
9 #include <stddef.h> | 8 #include <stddef.h> |
10 | 9 |
11 #include "base/macros.h" | 10 #include "base/macros.h" |
12 #include "base/strings/string16.h" | 11 #include "base/strings/string16.h" |
13 | 12 |
14 ProcessType g_process_type = ProcessType::UNINITIALIZED; | 13 ProcessType g_process_type = ProcessType::UNINITIALIZED; |
15 | 14 |
16 namespace { | 15 namespace { |
17 | 16 |
18 const wchar_t kRegPathClientState[] = L"Software\\Google\\Update\\ClientState"; | 17 const wchar_t kRegPathClientState[] = L"Software\\Google\\Update\\ClientState"; |
(...skipping 196 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
215 return; | 214 return; |
216 } | 215 } |
217 | 216 |
218 g_process_type = ProcessType::BROWSER_PROCESS; | 217 g_process_type = ProcessType::BROWSER_PROCESS; |
219 } | 218 } |
220 | 219 |
221 bool IsNonBrowserProcess() { | 220 bool IsNonBrowserProcess() { |
222 assert(g_process_type != ProcessType::UNINITIALIZED); | 221 assert(g_process_type != ProcessType::UNINITIALIZED); |
223 return g_process_type == ProcessType::NON_BROWSER_PROCESS; | 222 return g_process_type == ProcessType::NON_BROWSER_PROCESS; |
224 } | 223 } |
224 | |
225 typedef decltype(SetProcessMitigationPolicy)* SetProcessMitigationPolicyFunc; | |
226 | |
227 void EarlyBrowserSecurity() { | |
228 // This function is called from within DllMain. | |
229 // Don't do anything naughty while we have the loader lock. | |
230 | |
Will Harris
2016/01/30 01:19:05
nit: remove line
penny
2016/02/01 21:31:52
Done.
| |
231 if (::IsWindows8OrGreater()) { | |
Will Harris
2016/01/30 01:19:05
What does this function pull in? we would normally
jschuh
2016/02/01 20:28:07
ELF doesn't depend on base. So, this is an easy wa
penny
2016/02/01 21:31:52
Yes indeed. I like these APIs. Supported back to
| |
232 SetProcessMitigationPolicyFunc set_process_mitigation_policy = | |
233 reinterpret_cast<SetProcessMitigationPolicyFunc>(::GetProcAddress( | |
234 ::GetModuleHandleW(L"kernel32.dll"), "SetProcessMitigationPolicy")); | |
235 if (set_process_mitigation_policy) { | |
236 // Disable extension DLLs in this process. | |
237 // (Legacy hooking.) | |
238 PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY policy = {}; | |
239 policy.DisableExtensionPoints = true; | |
240 | |
241 set_process_mitigation_policy(ProcessExtensionPointDisablePolicy, &policy, | |
242 sizeof(policy)); | |
243 } | |
Will Harris
2016/01/30 01:19:05
my vote would be a DCHECK here, this would trip th
jschuh
2016/02/01 20:28:07
I don't think you can introduce that dependency ei
grt (UTC plus 2)
2016/02/01 20:43:06
nit: prefer the __debugbreak() compiler intrinsic
penny
2016/02/01 21:31:52
Done. I'm in the habit of using the intrinsic as
grt (UTC plus 2)
2016/02/02 01:12:29
As a rule of thumb: crash the process in a release
| |
244 } | |
245 return; | |
246 } | |
OLD | NEW |