Issue 183833004: Make chrome_elf use thunks instead of function pointers.

Issue 183833004: Make chrome_elf use thunks instead of function pointers. (Closed)

Created:
6 years, 9 months ago by Cait (Slow)

Modified:
6 years, 9 months ago

Reviewers:
rvargas (doing something else), robertshield

CC:
chromium-reviews, caitkp+watch_chromium.org

Base URL:
svn://svn.chromium.org/chrome/trunk/src

Visibility:
Public.

More Reviews

Description

Make chrome_elf use thunks instead of function pointers. 1. Add functionality to ServiceResolverThunk to copy a thunk without patching. 2. Move chrome_elf thunk-handling code to a common location. 3. Use a thunk instead of a f'n ptr for redirects. BUG=334379 Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=255151 Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=257749

Patch Set 1 #

Total comments: 24

Patch Set 2 : Move all memory mgmt out of CopyThunk #

Total comments: 12

Patch Set 3 : Add size checks when copying thunk #

Patch Set 4 : No bad thunks in the lookup table #

Total comments: 4

Patch Set 5 : Clean up documentation #

Patch Set 6 : #

Patch Set 7 : Use thunk instead of lookup table #

Total comments: 6

Patch Set 8 : Address comments, add scoped ptr #

Created: 6 years, 9 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+323 lines, -139 lines)			Patch
M	chrome_elf/blacklist/blacklist.cc	View	1 2 3 4 5 6	4 chunks	+8 lines, -128 lines	0 comments	Download
M	chrome_elf/chrome_elf.gyp	View	1 2 3 4 5 6 7	2 chunks	+3 lines, -0 lines	0 comments	Download
M	chrome_elf/create_file/chrome_create_file.cc	View	1 2 3 4 5 6 7	2 chunks	+15 lines, -5 lines	0 comments	Download
M	chrome_elf/create_file/chrome_create_file_unittest.cc	View	1 2 3 4 5 6	3 chunks	+22 lines, -5 lines	0 comments	Download
M	chrome_elf/ntdll_cache.h	View		1 chunk	+6 lines, -0 lines	0 comments	Download
M	chrome_elf/ntdll_cache.cc	View	1 2 3 4 5 6 7	2 chunks	+52 lines, -1 line	0 comments	Download
A	chrome_elf/thunk_getter.h	View	1 2 3 4	1 chunk	+16 lines, -0 lines	0 comments	Download
A	chrome_elf/thunk_getter.cc	View	1 2	1 chunk	+142 lines, -0 lines	0 comments	Download
M	sandbox/win/src/service_resolver.h	View	1 2 3 4	1 chunk	+9 lines, -0 lines	0 comments	Download
M	sandbox/win/src/service_resolver_32.cc	View	1 2	1 chunk	+26 lines, -0 lines	0 comments	Download
	sandbox/win/src/service_resolver_64.cc	View	1 2	1 chunk	+24 lines, -0 lines	0 comments	Download

Messages

Total messages: 39 (0 generated)

Expand Messages | Collapse Messages

Cait (Slow)

rvargas: PTAL at sandbox/ changes. I added a new public method to ServiceResolverThunk as we ...

6 years, 9 months ago (2014-02-27 22:31:03 UTC) #1

rvargas (doing something else)

https://codereview.chromium.org/183833004/diff/1/sandbox/win/src/service_resolver_32.cc File sandbox/win/src/service_resolver_32.cc (right): https://codereview.chromium.org/183833004/diff/1/sandbox/win/src/service_resolver_32.cc#newcode191 sandbox/win/src/service_resolver_32.cc:191: size_t thunk_bytes = GetThunkSize(); I'm fine with this code ...

6 years, 9 months ago (2014-02-28 19:40:09 UTC) #2

robertshield

https://codereview.chromium.org/183833004/diff/1/chrome_elf/ntdll_cache.cc File chrome_elf/ntdll_cache.cc (right): https://codereview.chromium.org/183833004/diff/1/chrome_elf/ntdll_cache.cc#newcode71 chrome_elf/ntdll_cache.cc:71: size_t storage_used; = 0 https://codereview.chromium.org/183833004/diff/1/chrome_elf/thunk_getter.cc File chrome_elf/thunk_getter.cc (right): https://codereview.chromium.org/183833004/diff/1/chrome_elf/thunk_getter.cc#newcode44 ...

6 years, 9 months ago (2014-02-28 21:02:22 UTC) #3

Cait (Slow)

PTAL. CopyThunk now just verifies that the target f'n is a service, and copies the ...

6 years, 9 months ago (2014-03-03 20:55:10 UTC) #4

rvargas (doing something else)

https://codereview.chromium.org/183833004/diff/40001/sandbox/win/src/service_resolver_32.cc File sandbox/win/src/service_resolver_32.cc (right): https://codereview.chromium.org/183833004/diff/40001/sandbox/win/src/service_resolver_32.cc#newcode191 sandbox/win/src/service_resolver_32.cc:191: size_t thunk_bytes = GetThunkSize(); Did you mean to compare ...

6 years, 9 months ago (2014-03-03 22:36:45 UTC) #5

robertshield

https://codereview.chromium.org/183833004/diff/40001/chrome_elf/ntdll_cache.cc File chrome_elf/ntdll_cache.cc (right): https://codereview.chromium.org/183833004/diff/40001/chrome_elf/ntdll_cache.cc#newcode68 chrome_elf/ntdll_cache.cc:68: if (!thunk) This implies that the rest of the ...

6 years, 9 months ago (2014-03-04 01:47:07 UTC) #6

Cait (Slow)

thanks! https://codereview.chromium.org/183833004/diff/40001/chrome_elf/ntdll_cache.cc File chrome_elf/ntdll_cache.cc (right): https://codereview.chromium.org/183833004/diff/40001/chrome_elf/ntdll_cache.cc#newcode68 chrome_elf/ntdll_cache.cc:68: if (!thunk) On 2014/03/04 01:47:07, robertshield wrote: > ...

6 years, 9 months ago (2014-03-04 15:43:56 UTC) #7

robertshield

lgtm https://codereview.chromium.org/183833004/diff/100001/chrome_elf/thunk_getter.h File chrome_elf/thunk_getter.h (right): https://codereview.chromium.org/183833004/diff/100001/chrome_elf/thunk_getter.h#newcode12 chrome_elf/thunk_getter.h:12: sandbox::ServiceResolverThunk* GetThunk(bool relaxed); Mention that ownership is passed ...

6 years, 9 months ago (2014-03-04 15:57:42 UTC) #8

rvargas (doing something else)

lgtm https://codereview.chromium.org/183833004/diff/100001/sandbox/win/src/service_resolver.h File sandbox/win/src/service_resolver.h (right): https://codereview.chromium.org/183833004/diff/100001/sandbox/win/src/service_resolver.h#newcode50 sandbox/win/src/service_resolver.h:50: // service and copy the first |storage_bytes| of ...

6 years, 9 months ago (2014-03-04 19:11:35 UTC) #9

Cait (Slow)

Thanks for the reviews! https://codereview.chromium.org/183833004/diff/100001/chrome_elf/thunk_getter.h File chrome_elf/thunk_getter.h (right): https://codereview.chromium.org/183833004/diff/100001/chrome_elf/thunk_getter.h#newcode12 chrome_elf/thunk_getter.h:12: sandbox::ServiceResolverThunk* GetThunk(bool relaxed); On 2014/03/04 ...

6 years, 9 months ago (2014-03-04 20:36:04 UTC) #11

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/caitkp@chromium.org/183833004/120001

6 years, 9 months ago (2014-03-04 20:37:39 UTC) #12

commit-bot: I haz the power

The CQ bit was unchecked by commit-bot@chromium.org

6 years, 9 months ago (2014-03-04 20:37:43 UTC) #13

commit-bot: I haz the power

Failed to apply patch for chrome_elf/blacklist/blacklist.cc: While running patch -p1 --forward --force --no-backup-if-mismatch; patching file ...

6 years, 9 months ago (2014-03-04 20:37:44 UTC) #14

Failed to apply patch for chrome_elf/blacklist/blacklist.cc:
While running patch -p1 --forward --force --no-backup-if-mismatch;
  patching file chrome_elf/blacklist/blacklist.cc
  Hunk #1 FAILED at 8.
  Hunk #2 FAILED at 41.
  Hunk #3 succeeded at 361 (offset 32 lines).
  Hunk #4 succeeded at 395 (offset 32 lines).
  2 out of 4 hunks FAILED -- saving rejects to file
chrome_elf/blacklist/blacklist.cc.rej

Patch:       chrome_elf/blacklist/blacklist.cc
Index: chrome_elf/blacklist/blacklist.cc
diff --git a/chrome_elf/blacklist/blacklist.cc
b/chrome_elf/blacklist/blacklist.cc
index
958d7103b798ba5488b8d9857f7be6a06c20cecb..9796c96b7a382199fb1647a8395f5c8416269555
100644
--- a/chrome_elf/blacklist/blacklist.cc
+++ b/chrome_elf/blacklist/blacklist.cc
@@ -8,9 +8,9 @@
 
 #include "base/basictypes.h"
 #include "chrome_elf/blacklist/blacklist_interceptions.h"
+#include "chrome_elf/thunk_getter.h"
 #include "sandbox/win/src/interception_internal.h"
 #include "sandbox/win/src/internal_types.h"
-#include "sandbox/win/src/sandbox_utils.h"
 #include "sandbox/win/src/service_resolver.h"
 #include "version.h"  // NOLINT
 
@@ -41,109 +41,10 @@ __declspec(allocate(".crthunk")) sandbox::ThunkData
g_thunk_storage;
 
 namespace {
 
-enum Version {
-  VERSION_PRE_XP_SP2 = 0,  // Not supported.
-  VERSION_XP_SP2,
-  VERSION_SERVER_2003, // Also includes XP Pro x64 and Server 2003 R2.
-  VERSION_VISTA,       // Also includes Windows Server 2008.
-  VERSION_WIN7,        // Also includes Windows Server 2008 R2.
-  VERSION_WIN8,        // Also includes Windows Server 2012.
-  VERSION_WIN8_1,
-  VERSION_WIN_LAST,    // Indicates error condition.
-};
-
-// Whether a process is running under WOW64 (the wrapper that allows 32-bit
-// processes to run on 64-bit versions of Windows).  This will return
-// WOW64_DISABLED for both "32-bit Chrome on 32-bit Windows" and "64-bit
-// Chrome on 64-bit Windows".  WOW64_UNKNOWN means "an error occurred", e.g.
-// the process does not have sufficient access rights to determine this.
-enum WOW64Status {
-  WOW64_DISABLED,
-  WOW64_ENABLED,
-  WOW64_UNKNOWN,
-};
-
 // Record if the blacklist was successfully initialized so processes can easily
 // determine if the blacklist is enabled for them.
 bool g_blacklist_initialized = false;
 
-WOW64Status GetWOW64StatusForCurrentProcess() {
-  typedef BOOL (WINAPI* IsWow64ProcessFunc)(HANDLE, PBOOL);
-  IsWow64ProcessFunc is_wow64_process = reinterpret_cast<IsWow64ProcessFunc>(
-      GetProcAddress(GetModuleHandle(L"kernel32.dll"), "IsWow64Process"));
-  if (!is_wow64_process)
-    return WOW64_DISABLED;
-  BOOL is_wow64 = FALSE;
-  if (!(*is_wow64_process)(GetCurrentProcess(), &is_wow64))
-    return WOW64_UNKNOWN;
-  return is_wow64 ? WOW64_ENABLED : WOW64_DISABLED;
-}
-
-class OSInfo {
- public:
-  struct VersionNumber {
-    int major;
-    int minor;
-    int build;
-  };
-
-  struct ServicePack {
-    int major;
-    int minor;
-  };
-
-  OSInfo() {
-    OSVERSIONINFOEX version_info = { sizeof(version_info) };
-    GetVersionEx(reinterpret_cast<OSVERSIONINFO*>(&version_info));
-    version_number_.major = version_info.dwMajorVersion;
-    version_number_.minor = version_info.dwMinorVersion;
-    version_number_.build = version_info.dwBuildNumber;
-    if ((version_number_.major == 5) && (version_number_.minor > 0)) {
-      // Treat XP Pro x64, Home Server, and Server 2003 R2 as Server 2003.
-      version_ = (version_number_.minor == 1) ? VERSION_XP_SP2 :
-                                                VERSION_SERVER_2003;
-      if (version_ == VERSION_XP_SP2 && version_info.wServicePackMajor < 2)
-        version_ = VERSION_PRE_XP_SP2;
-    } else if (version_number_.major == 6) {
-      switch (version_number_.minor) {
-        case 0:
-          // Treat Windows Server 2008 the same as Windows Vista.
-          version_ = VERSION_VISTA;
-          break;
-        case 1:
-          // Treat Windows Server 2008 R2 the same as Windows 7.
-          version_ = VERSION_WIN7;
-          break;
-        case 2:
-          // Treat Windows Server 2012 the same as Windows 8.
-          version_ = VERSION_WIN8;
-          break;
-        default:
-          version_ = VERSION_WIN8_1;
-          break;
-      }
-    } else if (version_number_.major > 6) {
-      version_ = VERSION_WIN_LAST;
-    } else {
-      version_ = VERSION_PRE_XP_SP2;
-    }
-
-    service_pack_.major = version_info.wServicePackMajor;
-    service_pack_.minor = version_info.wServicePackMinor;
-  }
-
-  Version version() const { return version_; }
-  VersionNumber version_number() const { return version_number_; }
-  ServicePack service_pack() const { return service_pack_; }
-
- private:
-  Version version_;
-  VersionNumber version_number_;
-  ServicePack service_pack_;
-
-  DISALLOW_COPY_AND_ASSIGN(OSInfo);
-};
-
 bool IsNonBrowserProcess() {
   typedef bool (*IsSandboxedProcessFunc)();
   IsSandboxedProcessFunc is_sandboxed_process =
@@ -329,17 +230,16 @@ bool Initialize(bool force) {
   if (!force && !LeaveSetupBeacon())
     return false;
 
-  // Don't try blacklisting on unsupported OS versions.
-  OSInfo os_info;
-  if (os_info.version() <= VERSION_PRE_XP_SP2)
-    return false;
-
-  // Pseudo-handle, no need to close.
-  HANDLE current_process = ::GetCurrentProcess();
-
   // Tells the resolver to patch already patched functions.
   const bool kRelaxed = true;
 
+  // Create a thunk via the appropriate ServiceResolver instance.
+  sandbox::ServiceResolverThunk* thunk = GetThunk(kRelaxed);
+
+  // Don't try blacklisting on unsupported OS versions.
+  if (!thunk)
+    return false;
+
   // Record that we are starting the thunk setup code.
   HKEY key = NULL;
   DWORD disposition = 0;
@@ -364,26 +264,6 @@ bool Initialize(bool force) {
     key = NULL;
   }
 
-  // Create a thunk via the appropriate ServiceResolver instance.
-  sandbox::ServiceResolverThunk* thunk = NULL;
-#if defined(_WIN64)
-  // Because Windows 8 and 8.1 have different stubs in 64-bit,
-  // ServiceResolverThunk can handle all the formats in 64-bit (instead only
-  // handling 1 like it does in 32-bit versions).
-  thunk = new sandbox::ServiceResolverThunk(current_process, kRelaxed);
-#else
-  if (GetWOW64StatusForCurrentProcess() == WOW64_ENABLED) {
-    if (os_info.version() >= VERSION_WIN8)
-      thunk = new sandbox::Wow64W8ResolverThunk(current_process, kRelaxed);
-    else
-      thunk = new sandbox::Wow64ResolverThunk(current_process, kRelaxed);
-  } else if (os_info.version() >= VERSION_WIN8) {
-    thunk = new sandbox::Win8ResolverThunk(current_process, kRelaxed);
-  } else {
-    thunk = new sandbox::ServiceResolverThunk(current_process, kRelaxed);
-  }
-#endif
-
   // Record that we have initialized the blacklist.
   g_blacklist_initialized = true;

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/caitkp@chromium.org/183833004/140001

6 years, 9 months ago (2014-03-04 21:02:14 UTC) #16

commit-bot: I haz the power

The CQ bit was unchecked by commit-bot@chromium.org

6 years, 9 months ago (2014-03-04 22:00:29 UTC) #17

commit-bot: I haz the power

Retried try job too often on win_x64_rel for step(s) base_unittests, chrome_elf_unittests http://build.chromium.org/p/tryserver.chromium/buildstatus?builder=win_x64_rel&number=81389

6 years, 9 months ago (2014-03-04 22:00:30 UTC) #18

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/caitkp@chromium.org/183833004/140001

6 years, 9 months ago (2014-03-05 20:02:30 UTC) #20

Cait (Slow)

Robert: PTAL -- here is a first pass at the changes we discussed. Thanks!

6 years, 9 months ago (2014-03-10 23:04:32 UTC) #22

robertshield

https://codereview.chromium.org/183833004/diff/160001/chrome_elf/create_file/chrome_create_file.cc File chrome_elf/create_file/chrome_create_file.cc (right): https://codereview.chromium.org/183833004/diff/160001/chrome_elf/create_file/chrome_create_file.cc#newcode192 chrome_elf/create_file/chrome_create_file.cc:192: char thunk_buffer[sizeof(sandbox::ThunkData)] = {}; Please add a comment that ...

6 years, 9 months ago (2014-03-17 22:21:26 UTC) #23

Cait (Slow)

6 years, 9 months ago (2014-03-18 00:23:08 UTC) #24

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/caitkp@chromium.org/183833004/200001

6 years, 9 months ago (2014-03-18 00:40:41 UTC) #26

commit-bot: I haz the power

The CQ bit was unchecked by commit-bot@chromium.org

6 years, 9 months ago (2014-03-18 03:25:02 UTC) #27

commit-bot: I haz the power

Retried try job too often on win_rel for step(s) app_list_unittests, ash_unittests, aura_unittests, browser_tests, cacheinvalidation_unittests, cc_unittests, ...

6 years, 9 months ago (2014-03-18 03:25:03 UTC) #28

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/caitkp@chromium.org/183833004/200001

6 years, 9 months ago (2014-03-18 04:44:41 UTC) #30

commit-bot: I haz the power

The CQ bit was unchecked by commit-bot@chromium.org

6 years, 9 months ago (2014-03-18 10:09:15 UTC) #31

commit-bot: I haz the power

Retried try job too often on win_rel for step(s) browser_tests http://build.chromium.org/p/tryserver.chromium/buildstatus?builder=win_rel&number=283486

6 years, 9 months ago (2014-03-18 10:09:16 UTC) #32

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/caitkp@chromium.org/183833004/200001

6 years, 9 months ago (2014-03-18 16:39:47 UTC) #34

commit-bot: I haz the power

The CQ bit was unchecked by commit-bot@chromium.org

6 years, 9 months ago (2014-03-18 18:43:58 UTC) #35

commit-bot: I haz the power

Commit queue rejected this change because the description was changed between the time the change ...

6 years, 9 months ago (2014-03-18 18:44:01 UTC) #36

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/caitkp@chromium.org/183833004/200001

6 years, 9 months ago (2014-03-18 19:18:02 UTC) #38

Message was sent while issue was closed.

Change committed as 257749

Expand Messages | Collapse Messages