| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/common/sandbox_win.h" | 5 #include "content/common/sandbox_win.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 | 8 |
| 9 #include <string> | 9 #include <string> |
| 10 | 10 |
| (...skipping 572 matching lines...) |
| 583 base::string16 object_path = PrependWindowsSessionPath( | 583 base::string16 object_path = PrependWindowsSessionPath( |
| 584 L"\\BaseNamedObjects\\windows_shell_global_counters"); | 584 L"\\BaseNamedObjects\\windows_shell_global_counters"); |
| 585 policy->AddKernelObjectToClose(L"Section", object_path.data()); | 585 policy->AddKernelObjectToClose(L"Section", object_path.data()); |
| 586 } | 586 } |
| 587 | 587 |
| 588 void AddAppContainerPolicy(sandbox::TargetPolicy* policy, const wchar_t* sid) { | 588 void AddAppContainerPolicy(sandbox::TargetPolicy* policy, const wchar_t* sid) { |
| 589 if (IsAppContainerEnabled()) | 589 if (IsAppContainerEnabled()) |
| 590 policy->SetLowBox(sid); | 590 policy->SetLowBox(sid); |
| 591 } | 591 } |
| 592 | 592 |
| 593 bool AddWin32kLockdownPolicy(sandbox::TargetPolicy* policy) { | 593 bool AddWin32kLockdownPolicy(sandbox::TargetPolicy* policy, bool enable_opm) { |
| 594 #if !defined(NACL_WIN64) | 594 #if !defined(NACL_WIN64) |
| 595 if (!IsWin32kRendererLockdownEnabled()) | 595 if (!IsWin32kRendererLockdownEnabled()) |
| 596 return true; | 596 return true; |
| 597 | 597 |
| 598 // Enable win32k lockdown if not already. | 598 // Enable win32k lockdown if not already. |
| 599 sandbox::MitigationFlags flags = policy->GetProcessMitigations(); | 599 sandbox::MitigationFlags flags = policy->GetProcessMitigations(); |
| 600 if ((flags & sandbox::MITIGATION_WIN32K_DISABLE) == | 600 if ((flags & sandbox::MITIGATION_WIN32K_DISABLE) == |
| 601 sandbox::MITIGATION_WIN32K_DISABLE) | 601 sandbox::MITIGATION_WIN32K_DISABLE) |
| 602 return true; | 602 return true; |
| 603 | 603 |
| 604 sandbox::ResultCode result = | 604 sandbox::ResultCode result = |
| 605 policy->AddRule(sandbox::TargetPolicy::SUBSYS_WIN32K_LOCKDOWN, | 605 policy->AddRule(sandbox::TargetPolicy::SUBSYS_WIN32K_LOCKDOWN, |
| 606 sandbox::TargetPolicy::FAKE_USER_GDI_INIT, nullptr); | 606 enable_opm ? sandbox::TargetPolicy::IMPLEMENT_OPM_APIS |
| 607 : sandbox::TargetPolicy::FAKE_USER_GDI_INIT, |
| 608 nullptr); |
| 607 if (result != sandbox::SBOX_ALL_OK) | 609 if (result != sandbox::SBOX_ALL_OK) |
| 608 return false; | 610 return false; |
| 609 | 611 if (enable_opm) |
| 612 policy->SetEnableOPMRedirection(); |
| 610 flags |= sandbox::MITIGATION_WIN32K_DISABLE; | 613 flags |= sandbox::MITIGATION_WIN32K_DISABLE; |
| 611 result = policy->SetProcessMitigations(flags); | 614 result = policy->SetProcessMitigations(flags); |
| 612 if (result != sandbox::SBOX_ALL_OK) | 615 if (result != sandbox::SBOX_ALL_OK) |
| 613 return false; | 616 return false; |
| 614 #endif | 617 #endif |
| 615 return true; | 618 return true; |
| 616 } | 619 } |
| 617 | 620 |
| 618 bool InitBrokerServices(sandbox::BrokerServices* broker_services) { | 621 bool InitBrokerServices(sandbox::BrokerServices* broker_services) { |
| 619 // TODO(abarth): DCHECK(CalledOnValidThread()); | 622 // TODO(abarth): DCHECK(CalledOnValidThread()); |
| (...skipping 99 matching lines...) |
| 719 if (!gfx::win::ShouldUseDirectWrite()) | 722 if (!gfx::win::ShouldUseDirectWrite()) |
| 720 mitigations ^= sandbox::MITIGATION_NONSYSTEM_FONT_DISABLE; | 723 mitigations ^= sandbox::MITIGATION_NONSYSTEM_FONT_DISABLE; |
| 721 #endif | 724 #endif |
| 722 | 725 |
| 723 if (policy->SetProcessMitigations(mitigations) != sandbox::SBOX_ALL_OK) | 726 if (policy->SetProcessMitigations(mitigations) != sandbox::SBOX_ALL_OK) |
| 724 return base::Process(); | 727 return base::Process(); |
| 725 | 728 |
| 726 #if !defined(NACL_WIN64) | 729 #if !defined(NACL_WIN64) |
| 727 if (type_str == switches::kRendererProcess && | 730 if (type_str == switches::kRendererProcess && |
| 728 IsWin32kRendererLockdownEnabled()) { | 731 IsWin32kRendererLockdownEnabled()) { |
| 729 if (!AddWin32kLockdownPolicy(policy)) | 732 if (!AddWin32kLockdownPolicy(policy, false)) |
| 730 return base::Process(); | 733 return base::Process(); |
| 731 } | 734 } |
| 732 #endif | 735 #endif |
| 733 | 736 |
| 734 // Post-startup mitigations. | 737 // Post-startup mitigations. |
| 735 mitigations = sandbox::MITIGATION_STRICT_HANDLE_CHECKS | | 738 mitigations = sandbox::MITIGATION_STRICT_HANDLE_CHECKS | |
| 736 sandbox::MITIGATION_DLL_SEARCH_ORDER; | 739 sandbox::MITIGATION_DLL_SEARCH_ORDER; |
| 737 | 740 |
| 738 if (policy->SetDelayedProcessMitigations(mitigations) != sandbox::SBOX_ALL_OK) | 741 if (policy->SetDelayedProcessMitigations(mitigations) != sandbox::SBOX_ALL_OK) |
| 739 return base::Process(); | 742 return base::Process(); |
| (...skipping 120 matching lines...) |
| 860 } | 863 } |
| 861 | 864 |
| 862 return false; | 865 return false; |
| 863 } | 866 } |
| 864 | 867 |
| 865 bool BrokerAddTargetPeer(HANDLE peer_process) { | 868 bool BrokerAddTargetPeer(HANDLE peer_process) { |
| 866 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; | 869 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; |
| 867 } | 870 } |
| 868 | 871 |
| 869 } // namespace content | 872 } // namespace content |
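Review bot: In `AddWin32kLockdownPolicy` both early `return true` paths ignore the new `enable_opm` argument: if `IsWin32kRendererLockdownEnabled()` is false, or the policy already carries `MITIGATION_WIN32K_DISABLE`, a caller passing `true` is told the call succeeded although neither the `IMPLEMENT_OPM_APIS` rule nor `SetEnableOPMRedirection()` was applied. Since this argument selects what a win32k-locked-down process can still reach (presumably through the broker; the sandbox side is not shown here), that silent no-op should be documented at the definition, e.g. `// |enable_opm| replaces FAKE_USER_GDI_INIT with IMPLEMENT_OPM_APIS and enables OPM redirection; ignored when lockdown is off or already set on |policy|.` The bare literal at the renderer call site would also read better as `if (!AddWin32kLockdownPolicy(policy, false /* enable_opm */))`, so a later flip to `true` stands out in review. In NACL_WIN64 builds the parameter is unused because the whole body is compiled out.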