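--- a/sandbox/win/src/broker_services.cc
+++ b/sandbox/win/src/broker_services.cc
@@ -1,31 +1,30 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sandbox/win/src/broker_services.h"
 
 #include <AclAPI.h>
 #include <stddef.h>
 
 #include <memory>
 #include <utility>
 
 #include "base/logging.h"
 #include "base/macros.h"
 #include "base/stl_util.h"
 #include "base/threading/platform_thread.h"
 #include "base/win/scoped_handle.h"
 #include "base/win/scoped_process_information.h"
 #include "base/win/startup_information.h"
 #include "base/win/windows_version.h"
-#include "sandbox/win/src/app_container.h"
 #include "sandbox/win/src/process_mitigations.h"
 #include "sandbox/win/src/sandbox.h"
 #include "sandbox/win/src/sandbox_policy_base.h"
 #include "sandbox/win/src/target_process.h"
 #include "sandbox/win/src/win2k_threadpool.h"
 #include "sandbox/win/src/win_utils.h"
 
 namespace {
 
 // Utility function to associate a completion port to a job object.
@@ -321,23 +320,20 @@
 // 1 thread. This is to protect the global variables used while setting up
 // the child process.
 static DWORD thread_id = ::GetCurrentThreadId();
 DCHECK(thread_id == ::GetCurrentThreadId());
 
 AutoLock lock(&lock_);
 
 // This downcast is safe as long as we control CreatePolicy()
 PolicyBase* policy_base = static_cast<PolicyBase*>(policy);
 
-if (policy_base->GetAppContainer() && policy_base->GetLowBoxSid())
-return SBOX_ERROR_BAD_PARAMS;
-
 // Construct the tokens and the job object that we are going to associate
 // with the soon to be created target process.
 base::win::ScopedHandle initial_token;
 base::win::ScopedHandle lockdown_token;
 base::win::ScopedHandle lowbox_token;
 ResultCode result = SBOX_ALL_OK;
 
 result =
 policy_base->MakeTokens(&initial_token, &lockdown_token, &lowbox_token);
 if (SBOX_ALL_OK != result)
@@ -361,24 +357,20 @@
 
 base::string16 desktop = policy_base->GetAlternateDesktop();
 if (!desktop.empty()) {
 startup_info.startup_info()->lpDesktop =
 const_cast<wchar_t*>(desktop.c_str());
 }
 
 bool inherit_handles = false;
 
 int attribute_count = 0;
-const AppContainerAttributes* app_container =
-policy_base->GetAppContainer();
-if (app_container)
-++attribute_count;
 
 size_t mitigations_size;
 ConvertProcessMitigationsToPolicy(policy_base->GetProcessMitigations(),
 &mitigations, &mitigations_size);
 if (mitigations)
 ++attribute_count;
 
 bool restrict_child_process_creation = false;
 if (base::win::GetVersion() >= base::win::VERSION_WIN10_TH2 &&
 policy_base->GetJobLevel() <= JOB_LIMITED_USER) {
@@ -401,26 +393,20 @@
 
 for (HANDLE handle : policy_handle_list)
 inherited_handle_list.push_back(handle);
 
 if (inherited_handle_list.size())
 ++attribute_count;
 
 if (!startup_info.InitializeProcThreadAttributeList(attribute_count))
 return SBOX_ERROR_PROC_THREAD_ATTRIBUTES;
 
-if (app_container) {
-result = app_container->ShareForStartup(&startup_info);
-if (SBOX_ALL_OK != result)
-return result;
-}
-
 if (mitigations) {
 if (!startup_info.UpdateProcThreadAttribute(
 PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY, &mitigations,
 mitigations_size)) {
 return SBOX_ERROR_PROC_THREAD_ATTRIBUTES;
 }
 }
 
 if (restrict_child_process_creation) {
 if (!startup_info.UpdateProcThreadAttribute(
@@ -548,37 +534,11 @@
 INFINITE, WT_EXECUTEONLYONCE | WT_EXECUTEINWAITTHREAD)) {
 peer_map_.erase(peer->id);
 return SBOX_ERROR_GENERIC;
 }
 
 // Release the pointer since it will be cleaned up by the callback.
 ignore_result(peer.release());
 return SBOX_ALL_OK;
 }
 
-ResultCode BrokerServicesBase::InstallAppContainer(const wchar_t* sid,
-const wchar_t* name) {
-if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8)
-return SBOX_ERROR_UNSUPPORTED;
-
-base::string16 old_name = LookupAppContainer(sid);
-if (old_name.empty())
-return CreateAppContainer(sid, name);
-
-if (old_name != name)
-return SBOX_ERROR_INVALID_APP_CONTAINER;
-
-return SBOX_ALL_OK;
-}
-
-ResultCode BrokerServicesBase::UninstallAppContainer(const wchar_t* sid) {
-if (base::win::OSInfo::GetInstance()->version() < base::win::VERSION_WIN8)
-return SBOX_ERROR_UNSUPPORTED;
-
-base::string16 name = LookupAppContainer(sid);
-if (name.empty())
-return SBOX_ERROR_INVALID_APP_CONTAINER;
-
-return DeleteAppContainer(sid);
-}
-
 } // namespace sandbox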