| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/bind.h" |
| 5 #include "base/metrics/field_trial.h" | 6 #include "base/metrics/field_trial.h" |
| 6 #include "base/metrics/histogram.h" | 7 #include "base/metrics/histogram.h" |
| 8 #include "base/metrics/sparse_histogram.h" |
| 7 #include "base/strings/utf_string_conversions.h" | 9 #include "base/strings/utf_string_conversions.h" |
| 8 #include "base/win/registry.h" | 10 #include "base/win/registry.h" |
| 9 #include "chrome/browser/chrome_elf_init_win.h" | 11 #include "chrome/browser/chrome_elf_init_win.h" |
| 10 #include "chrome_elf/blacklist/blacklist.h" | 12 #include "chrome_elf/blacklist/blacklist.h" |
| 13 #include "chrome_elf/dll_hash_for_uma/dll_hash.h" |
| 14 #include "content/public/browser/browser_thread.h" |
| 11 #include "version.h" // NOLINT | 15 #include "version.h" // NOLINT |
| 12 | 16 |
| 13 namespace { | 17 namespace { |
| 14 | 18 |
| 15 const char kBrowserBlacklistTrialName[] = "BrowserBlacklist"; | 19 const char kBrowserBlacklistTrialName[] = "BrowserBlacklist"; |
| 16 const char kBrowserBlacklistTrialEnabledGroupName[] = "Enabled"; | 20 const char kBrowserBlacklistTrialEnabledGroupName[] = "Enabled"; |
| 17 | 21 |
| 22 // How long to wait, in seconds, before reporting for the second (and last |
| 23 // time), what dlls were blocked from the browser process. |
| 24 const int kBlacklistReportingDelaySec = 600; |
| 25 |
| 18 // This enum is used to define the buckets for an enumerated UMA histogram. | 26 // This enum is used to define the buckets for an enumerated UMA histogram. |
| 19 // Hence, | 27 // Hence, |
| 20 // (a) existing enumerated constants should never be deleted or reordered, and | 28 // (a) existing enumerated constants should never be deleted or reordered, and |
| 21 // (b) new constants should only be appended in front of | 29 // (b) new constants should only be appended in front of |
| 22 // BLACKLIST_SETUP_EVENT_MAX. | 30 // BLACKLIST_SETUP_EVENT_MAX. |
| 23 enum BlacklistSetupEventType { | 31 enum BlacklistSetupEventType { |
| 24 // The blacklist beacon has placed to enable the browser blacklisting. | 32 // The blacklist beacon has placed to enable the browser blacklisting. |
| 25 BLACKLIST_SETUP_ENABLED = 0, | 33 BLACKLIST_SETUP_ENABLED = 0, |
| 26 | 34 |
| 27 // The blacklist was successfully enabled. | 35 // The blacklist was successfully enabled. |
| (...skipping 11 matching lines...) Expand all Loading... |
| 39 // Always keep this at the end. | 47 // Always keep this at the end. |
| 40 BLACKLIST_SETUP_EVENT_MAX, | 48 BLACKLIST_SETUP_EVENT_MAX, |
| 41 }; | 49 }; |
| 42 | 50 |
| 43 void RecordBlacklistSetupEvent(BlacklistSetupEventType blacklist_setup_event) { | 51 void RecordBlacklistSetupEvent(BlacklistSetupEventType blacklist_setup_event) { |
| 44 UMA_HISTOGRAM_ENUMERATION("Blacklist.Setup", | 52 UMA_HISTOGRAM_ENUMERATION("Blacklist.Setup", |
| 45 blacklist_setup_event, | 53 blacklist_setup_event, |
| 46 BLACKLIST_SETUP_EVENT_MAX); | 54 BLACKLIST_SETUP_EVENT_MAX); |
| 47 } | 55 } |
| 48 | 56 |
| 57 // Report which DLLs were prevented from being loaded. |
| 58 void ReportSuccessfulBlocks() { |
| 59 // Figure out how many dlls were blocked. |
| 60 int num_blocked_dlls = 0; |
| 61 blacklist::SuccessfullyBlocked(NULL, &num_blocked_dlls); |
| 62 |
| 63 if (num_blocked_dlls == 0) |
| 64 return; |
| 65 |
| 66 // Now retrieve the list of blocked dlls. |
| 67 std::vector<const wchar_t*> blocked_dlls(num_blocked_dlls); |
| 68 blacklist::SuccessfullyBlocked(&blocked_dlls[0], &num_blocked_dlls); |
| 69 |
| 70 // Send up the hashes of the blocked dlls via UMA. |
| 71 for (size_t i = 0; i < blocked_dlls.size(); ++i) { |
| 72 std::string dll_name_utf8; |
| 73 base::WideToUTF8(blocked_dlls[i], wcslen(blocked_dlls[i]), &dll_name_utf8); |
| 74 int uma_hash = DllNameToHash(dll_name_utf8); |
| 75 |
| 76 UMA_HISTOGRAM_SPARSE_SLOWLY("Blacklist.Blocked", uma_hash); |
| 77 } |
| 78 } |
| 79 |
| 49 } // namespace | 80 } // namespace |
| 50 | 81 |
| 51 void InitializeChromeElf() { | 82 void InitializeChromeElf() { |
| 52 if (base::FieldTrialList::FindFullName(kBrowserBlacklistTrialName) == | 83 if (base::FieldTrialList::FindFullName(kBrowserBlacklistTrialName) == |
| 53 kBrowserBlacklistTrialEnabledGroupName) { | 84 kBrowserBlacklistTrialEnabledGroupName) { |
| 54 BrowserBlacklistBeaconSetup(); | 85 BrowserBlacklistBeaconSetup(); |
| 55 } else { | 86 } else { |
| 56 // Disable the blacklist for all future runs by removing the beacon. | 87 // Disable the blacklist for all future runs by removing the beacon. |
| 57 base::win::RegKey blacklist_registry_key(HKEY_CURRENT_USER); | 88 base::win::RegKey blacklist_registry_key(HKEY_CURRENT_USER); |
| 58 blacklist_registry_key.DeleteKey(blacklist::kRegistryBeaconPath); | 89 blacklist_registry_key.DeleteKey(blacklist::kRegistryBeaconPath); |
| 59 } | 90 } |
| 91 |
| 92 // Report all successful blacklist interceptions. |
| 93 ReportSuccessfulBlocks(); |
| 94 |
| 95 // Schedule another task to report all sucessful interceptions later. |
| 96 // This time delay should be long enough to catch any dlls that attempt to |
| 97 // inject after Chrome has started up. |
| 98 content::BrowserThread::PostDelayedTask( |
| 99 content::BrowserThread::UI, |
| 100 FROM_HERE, |
| 101 base::Bind(&ReportSuccessfulBlocks), |
| 102 base::TimeDelta::FromSeconds(kBlacklistReportingDelaySec)); |
| 60 } | 103 } |
| 61 | 104 |
| 62 void BrowserBlacklistBeaconSetup() { | 105 void BrowserBlacklistBeaconSetup() { |
| 63 base::win::RegKey blacklist_registry_key(HKEY_CURRENT_USER, | 106 base::win::RegKey blacklist_registry_key(HKEY_CURRENT_USER, |
| 64 blacklist::kRegistryBeaconPath, | 107 blacklist::kRegistryBeaconPath, |
| 65 KEY_QUERY_VALUE | KEY_SET_VALUE); | 108 KEY_QUERY_VALUE | KEY_SET_VALUE); |
| 66 | 109 |
| 67 // Find the last recorded blacklist version. | 110 // Find the last recorded blacklist version. |
| 68 base::string16 blacklist_version; | 111 base::string16 blacklist_version; |
| 69 blacklist_registry_key.ReadValue(blacklist::kBeaconVersion, | 112 blacklist_registry_key.ReadValue(blacklist::kBeaconVersion, |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 112 | 155 |
| 113 // Since some part of the blacklist failed, ensure it is now disabled | 156 // Since some part of the blacklist failed, ensure it is now disabled |
| 114 // for this version. | 157 // for this version. |
| 115 if (blacklist_state != blacklist::BLACKLIST_DISABLED) { | 158 if (blacklist_state != blacklist::BLACKLIST_DISABLED) { |
| 116 blacklist_registry_key.WriteValue(blacklist::kBeaconState, | 159 blacklist_registry_key.WriteValue(blacklist::kBeaconState, |
| 117 blacklist::BLACKLIST_DISABLED); | 160 blacklist::BLACKLIST_DISABLED); |
| 118 } | 161 } |
| 119 } | 162 } |
| 120 } | 163 } |
| 121 } | 164 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 174013007:
Add UMA stats to record when DLLs are successfully blocked in the Browser. (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master