OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/common/sandbox_win.h" | 5 #include "content/common/sandbox_win.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include <string> | 9 #include <string> |
10 | 10 |
(...skipping 558 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
569 base::string16 object_path = PrependWindowsSessionPath( | 569 base::string16 object_path = PrependWindowsSessionPath( |
570 L"\\BaseNamedObjects\\windows_shell_global_counters"); | 570 L"\\BaseNamedObjects\\windows_shell_global_counters"); |
571 policy->AddKernelObjectToClose(L"Section", object_path.data()); | 571 policy->AddKernelObjectToClose(L"Section", object_path.data()); |
572 } | 572 } |
573 | 573 |
574 void AddAppContainerPolicy(sandbox::TargetPolicy* policy, const wchar_t* sid) { | 574 void AddAppContainerPolicy(sandbox::TargetPolicy* policy, const wchar_t* sid) { |
575 if (IsAppContainerEnabled()) | 575 if (IsAppContainerEnabled()) |
576 policy->SetLowBox(sid); | 576 policy->SetLowBox(sid); |
577 } | 577 } |
578 | 578 |
579 bool AddWin32kLockdownPolicy(sandbox::TargetPolicy* policy) { | 579 bool AddWin32kLockdownPolicy(sandbox::TargetPolicy* policy, bool enable_opm) { |
580 #if !defined(NACL_WIN64) | 580 #if !defined(NACL_WIN64) |
581 if (!IsWin32kRendererLockdownEnabled()) | 581 if (!IsWin32kRendererLockdownEnabled()) |
582 return true; | 582 return true; |
583 | 583 |
584 // Enable win32k lockdown if not already. | 584 // Enable win32k lockdown if not already. |
585 sandbox::MitigationFlags flags = policy->GetProcessMitigations(); | 585 sandbox::MitigationFlags flags = policy->GetProcessMitigations(); |
586 if ((flags & sandbox::MITIGATION_WIN32K_DISABLE) == | 586 if ((flags & sandbox::MITIGATION_WIN32K_DISABLE) == |
587 sandbox::MITIGATION_WIN32K_DISABLE) | 587 sandbox::MITIGATION_WIN32K_DISABLE) |
588 return true; | 588 return true; |
589 | 589 |
590 sandbox::ResultCode result = | 590 sandbox::ResultCode result = |
591 policy->AddRule(sandbox::TargetPolicy::SUBSYS_WIN32K_LOCKDOWN, | 591 policy->AddRule(sandbox::TargetPolicy::SUBSYS_WIN32K_LOCKDOWN, |
592 sandbox::TargetPolicy::FAKE_USER_GDI_INIT, nullptr); | 592 enable_opm ? sandbox::TargetPolicy::IMPLEMENT_OPM_APIS |
| 593 : sandbox::TargetPolicy::FAKE_USER_GDI_INIT, |
| 594 nullptr); |
593 if (result != sandbox::SBOX_ALL_OK) | 595 if (result != sandbox::SBOX_ALL_OK) |
594 return false; | 596 return false; |
595 | 597 if (enable_opm) |
| 598 policy->SetEnableOPMRedirection(); |
596 flags |= sandbox::MITIGATION_WIN32K_DISABLE; | 599 flags |= sandbox::MITIGATION_WIN32K_DISABLE; |
597 result = policy->SetProcessMitigations(flags); | 600 result = policy->SetProcessMitigations(flags); |
598 if (result != sandbox::SBOX_ALL_OK) | 601 if (result != sandbox::SBOX_ALL_OK) |
599 return false; | 602 return false; |
600 #endif | 603 #endif |
601 return true; | 604 return true; |
602 } | 605 } |
603 | 606 |
604 bool InitBrokerServices(sandbox::BrokerServices* broker_services) { | 607 bool InitBrokerServices(sandbox::BrokerServices* broker_services) { |
605 // TODO(abarth): DCHECK(CalledOnValidThread()); | 608 // TODO(abarth): DCHECK(CalledOnValidThread()); |
(...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
705 if (!gfx::win::ShouldUseDirectWrite()) | 708 if (!gfx::win::ShouldUseDirectWrite()) |
706 mitigations ^= sandbox::MITIGATION_NONSYSTEM_FONT_DISABLE; | 709 mitigations ^= sandbox::MITIGATION_NONSYSTEM_FONT_DISABLE; |
707 #endif | 710 #endif |
708 | 711 |
709 if (policy->SetProcessMitigations(mitigations) != sandbox::SBOX_ALL_OK) | 712 if (policy->SetProcessMitigations(mitigations) != sandbox::SBOX_ALL_OK) |
710 return base::Process(); | 713 return base::Process(); |
711 | 714 |
712 #if !defined(NACL_WIN64) | 715 #if !defined(NACL_WIN64) |
713 if (type_str == switches::kRendererProcess && | 716 if (type_str == switches::kRendererProcess && |
714 IsWin32kRendererLockdownEnabled()) { | 717 IsWin32kRendererLockdownEnabled()) { |
715 if (!AddWin32kLockdownPolicy(policy)) | 718 if (!AddWin32kLockdownPolicy(policy, false)) |
716 return base::Process(); | 719 return base::Process(); |
717 } | 720 } |
718 #endif | 721 #endif |
719 | 722 |
720 // Post-startup mitigations. | 723 // Post-startup mitigations. |
721 mitigations = sandbox::MITIGATION_STRICT_HANDLE_CHECKS | | 724 mitigations = sandbox::MITIGATION_STRICT_HANDLE_CHECKS | |
722 sandbox::MITIGATION_DLL_SEARCH_ORDER; | 725 sandbox::MITIGATION_DLL_SEARCH_ORDER; |
723 | 726 |
724 if (policy->SetDelayedProcessMitigations(mitigations) != sandbox::SBOX_ALL_OK) | 727 if (policy->SetDelayedProcessMitigations(mitigations) != sandbox::SBOX_ALL_OK) |
725 return base::Process(); | 728 return base::Process(); |
(...skipping 87 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
813 | 816 |
814 CHECK(ResumeThread(target.thread_handle()) != static_cast<DWORD>(-1)); | 817 CHECK(ResumeThread(target.thread_handle()) != static_cast<DWORD>(-1)); |
815 return base::Process(target.TakeProcessHandle()); | 818 return base::Process(target.TakeProcessHandle()); |
816 } | 819 } |
817 | 820 |
818 bool BrokerAddTargetPeer(HANDLE peer_process) { | 821 bool BrokerAddTargetPeer(HANDLE peer_process) { |
819 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; | 822 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; |
820 } | 823 } |
821 | 824 |
822 } // namespace content | 825 } // namespace content |
OLD | NEW |