| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/bind.h" |
| 5 #include "base/metrics/field_trial.h" | 6 #include "base/metrics/field_trial.h" |
| 6 #include "base/metrics/histogram.h" | 7 #include "base/metrics/histogram.h" |
| 8 #include "base/metrics/sparse_histogram.h" |
| 7 #include "base/strings/utf_string_conversions.h" | 9 #include "base/strings/utf_string_conversions.h" |
| 8 #include "base/win/registry.h" | 10 #include "base/win/registry.h" |
| 9 #include "chrome/browser/chrome_elf_init_win.h" | 11 #include "chrome/browser/chrome_elf_init_win.h" |
| 12 #include "chrome_elf/blacklist/blacklist.h" |
| 10 #include "chrome_elf/chrome_elf_constants.h" | 13 #include "chrome_elf/chrome_elf_constants.h" |
| 14 #include "chrome_elf/dll_hash/dll_hash.h" |
| 15 #include "content/public/browser/browser_thread.h" |
| 11 #include "version.h" // NOLINT | 16 #include "version.h" // NOLINT |
| 12 | 17 |
| 13 namespace { | 18 namespace { |
| 14 | 19 |
| 15 const char kBrowserBlacklistTrialName[] = "BrowserBlacklist"; | 20 const char kBrowserBlacklistTrialName[] = "BrowserBlacklist"; |
| 16 const char kBrowserBlacklistTrialEnabledGroupName[] = "Enabled"; | 21 const char kBrowserBlacklistTrialEnabledGroupName[] = "Enabled"; |
| 17 | 22 |
| 23 // How long to wait, in seconds, before reporting for the second (and last |
| 24 // time), what dlls were blocked from the browser process. |
| 25 const int kBlacklistReportingDelaySec = 600; |
| 26 |
| 18 // This enum is used to define the buckets for an enumerated UMA histogram. | 27 // This enum is used to define the buckets for an enumerated UMA histogram. |
| 19 // Hence, | 28 // Hence, |
| 20 // (a) existing enumerated constants should never be deleted or reordered, and | 29 // (a) existing enumerated constants should never be deleted or reordered, and |
| 21 // (b) new constants should only be appended in front of | 30 // (b) new constants should only be appended in front of |
| 22 // BLACKLIST_SETUP_EVENT_MAX. | 31 // BLACKLIST_SETUP_EVENT_MAX. |
| 23 enum BlacklistSetupEventType { | 32 enum BlacklistSetupEventType { |
| 24 // The blacklist beacon has placed to enable the browser blacklisting. | 33 // The blacklist beacon has placed to enable the browser blacklisting. |
| 25 BLACKLIST_SETUP_ENABLED = 0, | 34 BLACKLIST_SETUP_ENABLED = 0, |
| 26 | 35 |
| 27 // The blacklist was successfully enabled. | 36 // The blacklist was successfully enabled. |
| (...skipping 11 matching lines...) Expand all Loading... |
| 39 // Always keep this at the end. | 48 // Always keep this at the end. |
| 40 BLACKLIST_SETUP_EVENT_MAX, | 49 BLACKLIST_SETUP_EVENT_MAX, |
| 41 }; | 50 }; |
| 42 | 51 |
| 43 void RecordBlacklistSetupEvent(BlacklistSetupEventType blacklist_setup_event) { | 52 void RecordBlacklistSetupEvent(BlacklistSetupEventType blacklist_setup_event) { |
| 44 UMA_HISTOGRAM_ENUMERATION("Blacklist.Setup", | 53 UMA_HISTOGRAM_ENUMERATION("Blacklist.Setup", |
| 45 blacklist_setup_event, | 54 blacklist_setup_event, |
| 46 BLACKLIST_SETUP_EVENT_MAX); | 55 BLACKLIST_SETUP_EVENT_MAX); |
| 47 } | 56 } |
| 48 | 57 |
| 58 // Report which DLLs were prevented from being loaded. |
| 59 void ReportSuccessfulBlocks() { |
| 60 // Figure out how many dlls were blocked. |
| 61 int num_blocked_dlls = 0; |
| 62 blacklist::SuccessfullyBlocked(NULL, &num_blocked_dlls); |
| 63 |
| 64 if (num_blocked_dlls == 0) |
| 65 return; |
| 66 |
| 67 // Now retrieve the list of blocked dlls. |
| 68 std::vector<const wchar_t*> blocked_dlls(num_blocked_dlls); |
| 69 blacklist::SuccessfullyBlocked(&blocked_dlls[0], &num_blocked_dlls); |
| 70 |
| 71 // Send up the hashes of the blocked dlls via UMA. |
| 72 for (size_t i = 0; i < blocked_dlls.size(); ++i) { |
| 73 std::string dll_name_utf8; |
| 74 base::WideToUTF8(blocked_dlls[i], wcslen(blocked_dlls[i]), &dll_name_utf8); |
| 75 int uma_hash = DllNameToHash(dll_name_utf8); |
| 76 |
| 77 UMA_HISTOGRAM_SPARSE_SLOWLY("Blacklist.Blocked", uma_hash); |
| 78 } |
| 79 } |
| 80 |
| 49 } // namespace | 81 } // namespace |
| 50 | 82 |
| 51 void InitializeChromeElf() { | 83 void InitializeChromeElf() { |
| 52 if (base::FieldTrialList::FindFullName(kBrowserBlacklistTrialName) == | 84 if (base::FieldTrialList::FindFullName(kBrowserBlacklistTrialName) == |
| 53 kBrowserBlacklistTrialEnabledGroupName) { | 85 kBrowserBlacklistTrialEnabledGroupName) { |
| 54 BrowserBlacklistBeaconSetup(); | 86 BrowserBlacklistBeaconSetup(); |
| 55 } else { | 87 } else { |
| 56 // Disable the blacklist for all future runs by removing the beacon. | 88 // Disable the blacklist for all future runs by removing the beacon. |
| 57 base::win::RegKey blacklist_registry_key(HKEY_CURRENT_USER); | 89 base::win::RegKey blacklist_registry_key(HKEY_CURRENT_USER); |
| 58 blacklist_registry_key.DeleteKey(blacklist::kRegistryBeaconPath); | 90 blacklist_registry_key.DeleteKey(blacklist::kRegistryBeaconPath); |
| 59 } | 91 } |
| 92 |
| 93 // Report all successful blacklist interceptions. |
| 94 ReportSuccessfulBlocks(); |
| 95 |
| 96 // Schedule another task to report all sucessful interceptions later. |
| 97 // This time delay should be long enough to catch any dlls that attempt to |
| 98 // inject after Chrome has started up. |
| 99 content::BrowserThread::PostDelayedTask( |
| 100 content::BrowserThread::UI, |
| 101 FROM_HERE, |
| 102 base::Bind(&ReportSuccessfulBlocks), |
| 103 base::TimeDelta::FromSeconds(kBlacklistReportingDelaySec)); |
| 60 } | 104 } |
| 61 | 105 |
| 62 void BrowserBlacklistBeaconSetup() { | 106 void BrowserBlacklistBeaconSetup() { |
| 63 base::win::RegKey blacklist_registry_key(HKEY_CURRENT_USER, | 107 base::win::RegKey blacklist_registry_key(HKEY_CURRENT_USER, |
| 64 blacklist::kRegistryBeaconPath, | 108 blacklist::kRegistryBeaconPath, |
| 65 KEY_QUERY_VALUE | KEY_SET_VALUE); | 109 KEY_QUERY_VALUE | KEY_SET_VALUE); |
| 66 | 110 |
| 67 // No point in trying to continue if the registry key isn't valid. | 111 // No point in trying to continue if the registry key isn't valid. |
| 68 if (!blacklist_registry_key.Valid()) | 112 if (!blacklist_registry_key.Valid()) |
| 69 return; | 113 return; |
| (...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 116 | 160 |
| 117 // Since some part of the blacklist failed, ensure it is now disabled | 161 // Since some part of the blacklist failed, ensure it is now disabled |
| 118 // for this version. | 162 // for this version. |
| 119 if (blacklist_state != blacklist::BLACKLIST_DISABLED) { | 163 if (blacklist_state != blacklist::BLACKLIST_DISABLED) { |
| 120 blacklist_registry_key.WriteValue(blacklist::kBeaconState, | 164 blacklist_registry_key.WriteValue(blacklist::kBeaconState, |
| 121 blacklist::BLACKLIST_DISABLED); | 165 blacklist::BLACKLIST_DISABLED); |
| 122 } | 166 } |
| 123 } | 167 } |
| 124 } | 168 } |
| 125 } | 169 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 174013007:
Add UMA stats to record when DLLs are successfully blocked in the Browser. (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master