| OLD | NEW |
| 1 // Copyright 2015 The Crashpad Authors. All rights reserved. | 1 // Copyright 2015 The Crashpad Authors. All rights reserved. |
| 2 // | 2 // |
| 3 // Licensed under the Apache License, Version 2.0 (the "License"); | 3 // Licensed under the Apache License, Version 2.0 (the "License"); |
| 4 // you may not use this file except in compliance with the License. | 4 // you may not use this file except in compliance with the License. |
| 5 // You may obtain a copy of the License at | 5 // You may obtain a copy of the License at |
| 6 // | 6 // |
| 7 // http://www.apache.org/licenses/LICENSE-2.0 | 7 // http://www.apache.org/licenses/LICENSE-2.0 |
| 8 // | 8 // |
| 9 // Unless required by applicable law or agreed to in writing, software | 9 // Unless required by applicable law or agreed to in writing, software |
| 10 // distributed under the License is distributed on an "AS IS" BASIS, | 10 // distributed under the License is distributed on an "AS IS" BASIS, |
| 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 12 // See the License for the specific language governing permissions and | 12 // See the License for the specific language governing permissions and |
| 13 // limitations under the License. | 13 // limitations under the License. |
| 14 | 14 |
| 15 #include "util/win/registration_protocol_win.h" | 15 #include "util/win/registration_protocol_win.h" |
| 16 | 16 |
| 17 #include <windows.h> | 17 #include <windows.h> |
| 18 #include <sddl.h> | |
| 19 | 18 |
| 20 #include "base/logging.h" | 19 #include "base/logging.h" |
| 20 #include "base/macros.h" |
| 21 #include "util/win/exception_handler_server.h" | 21 #include "util/win/exception_handler_server.h" |
| 22 #include "util/win/scoped_handle.h" | 22 #include "util/win/scoped_handle.h" |
| 23 #include "util/win/scoped_local_alloc.h" | |
| 24 | 23 |
| 25 namespace crashpad { | 24 namespace crashpad { |
| 26 | 25 |
| 27 bool SendToCrashHandlerServer(const base::string16& pipe_name, | 26 bool SendToCrashHandlerServer(const base::string16& pipe_name, |
| 28 const ClientToServerMessage& message, | 27 const ClientToServerMessage& message, |
| 29 ServerToClientMessage* response) { | 28 ServerToClientMessage* response) { |
| 30 // Retry CreateFile() in a loop. If the handler isn’t actively waiting in | 29 // Retry CreateFile() in a loop. If the handler isn’t actively waiting in |
| 31 // ConnectNamedPipe() on a pipe instance because it’s busy doing something | 30 // ConnectNamedPipe() on a pipe instance because it’s busy doing something |
| 32 // else, CreateFile() will fail with ERROR_PIPE_BUSY. WaitNamedPipe() waits | 31 // else, CreateFile() will fail with ERROR_PIPE_BUSY. WaitNamedPipe() waits |
| 33 // until a pipe instance is ready, but there’s no way to wait for this | 32 // until a pipe instance is ready, but there’s no way to wait for this |
| 90 return false; | 89 return false; |
| 91 } | 90 } |
| 92 return true; | 91 return true; |
| 93 } | 92 } |
| 94 } | 93 } |
| 95 | 94 |
| 96 HANDLE CreateNamedPipeInstance(const std::wstring& pipe_name, | 95 HANDLE CreateNamedPipeInstance(const std::wstring& pipe_name, |
| 97 bool first_instance) { | 96 bool first_instance) { |
| 98 SECURITY_ATTRIBUTES security_attributes; | 97 SECURITY_ATTRIBUTES security_attributes; |
| 99 SECURITY_ATTRIBUTES* security_attributes_pointer = nullptr; | 98 SECURITY_ATTRIBUTES* security_attributes_pointer = nullptr; |
| 100 ScopedLocalAlloc scoped_sec_desc; | |
| 101 | 99 |
| 102 if (first_instance) { | 100 if (first_instance) { |
| 103 // Pre-Vista does not have integrity levels. | 101 // Pre-Vista does not have integrity levels. |
| 104 const DWORD version = GetVersion(); | 102 const DWORD version = GetVersion(); |
| 105 const DWORD major_version = LOBYTE(LOWORD(version)); | 103 const DWORD major_version = LOBYTE(LOWORD(version)); |
| 106 const bool is_vista_or_later = major_version >= 6; | 104 const bool is_vista_or_later = major_version >= 6; |
| 107 if (is_vista_or_later) { | 105 if (is_vista_or_later) { |
| 108 // Mandatory Label, no ACE flags, no ObjectType, integrity level | |
| 109 // untrusted. | |
| 110 const wchar_t kSddl[] = L"S:(ML;;;;;S-1-16-0)"; | |
| 111 | |
| 112 PSECURITY_DESCRIPTOR sec_desc; | |
| 113 PCHECK(ConvertStringSecurityDescriptorToSecurityDescriptor( | |
| 114 kSddl, SDDL_REVISION_1, &sec_desc, nullptr)) | |
| 115 << "ConvertStringSecurityDescriptorToSecurityDescriptor"; | |
| 116 | |
| 117 // Take ownership of the allocated SECURITY_DESCRIPTOR. | |
| 118 scoped_sec_desc.reset(sec_desc); | |
| 119 | |
| 120 memset(&security_attributes, 0, sizeof(security_attributes)); | 106 memset(&security_attributes, 0, sizeof(security_attributes)); |
| 121 security_attributes.nLength = sizeof(SECURITY_ATTRIBUTES); | 107 security_attributes.nLength = sizeof(SECURITY_ATTRIBUTES); |
| 122 security_attributes.lpSecurityDescriptor = sec_desc; | 108 security_attributes.lpSecurityDescriptor = |
| 109 const_cast<void*>(GetSecurityDescriptorForNamedPipeInstance(nullptr)); |
| 123 security_attributes.bInheritHandle = TRUE; | 110 security_attributes.bInheritHandle = TRUE; |
| 124 security_attributes_pointer = &security_attributes; | 111 security_attributes_pointer = &security_attributes; |
| 125 } | 112 } |
| 126 } | 113 } |
| 127 | 114 |
| 128 return CreateNamedPipe( | 115 return CreateNamedPipe( |
| 129 pipe_name.c_str(), | 116 pipe_name.c_str(), |
| 130 PIPE_ACCESS_DUPLEX | (first_instance ? FILE_FLAG_FIRST_PIPE_INSTANCE : 0), | 117 PIPE_ACCESS_DUPLEX | (first_instance ? FILE_FLAG_FIRST_PIPE_INSTANCE : 0), |
| 131 PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE | PIPE_WAIT, | 118 PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE | PIPE_WAIT, |
| 132 ExceptionHandlerServer::kPipeInstances, | 119 ExceptionHandlerServer::kPipeInstances, |
| 133 512, | 120 512, |
| 134 512, | 121 512, |
| 135 0, | 122 0, |
| 136 security_attributes_pointer); | 123 security_attributes_pointer); |
| 137 } | 124 } |
| 138 | 125 |
| 126 const void* GetSecurityDescriptorForNamedPipeInstance(size_t* size) { |
| 127 // Mandatory Label, no ACE flags, no ObjectType, integrity level untrusted is |
| 128 // "S:(ML;;;;;S-1-16-0)". Typically |
| 129 // ConvertStringSecurityDescriptorToSecurityDescriptor() would be used to |
| 130 // convert from a string representation. However, that function cannot be used |
| 131 // because it is in advapi32.dll and CreateNamedPipeInstance() is called from |
| 132 // within DllMain() where the loader lock is held. advapi32.dll is delay |
| 133 // loaded in chrome_elf.dll because it must avoid loading user32.dll. If an |
| 134 // advapi32.dll function were used, it would cause a load of the DLL, which |
| 135 // would in turn cause deadlock. |
| 136 |
| 137 #pragma pack(push, 1) |
| 138 static const struct SecurityDescriptorBlob { |
| 139 // See https://msdn.microsoft.com/en-us/library/cc230366.aspx. |
| 140 SECURITY_DESCRIPTOR_RELATIVE sd_rel; |
| 141 struct { |
| 142 ACL acl; |
| 143 struct { |
| 144 // This is equivalent to SYSTEM_MANDATORY_LABEL_ACE, but there's no |
| 145 // DWORD offset to the SID, instead it's inline. |
| 146 ACE_HEADER header; |
| 147 ACCESS_MASK mask; |
| 148 SID sid; |
| 149 } ace[1]; |
| 150 } sacl; |
| 151 } kSecDescBlob = { |
| 152 // sd_rel. |
| 153 { |
| 154 SECURITY_DESCRIPTOR_REVISION1, // Revision. |
| 155 0x00, // Sbz1. |
| 156 SE_SELF_RELATIVE | SE_SACL_PRESENT, // Control. |
| 157 0, // OffsetOwner. |
| 158 0, // OffsetGroup. |
| 159 offsetof(SecurityDescriptorBlob, sacl), // OffsetSacl. |
| 160 0, // OffsetDacl. |
| 161 }, |
| 162 |
| 163 // sacl. |
| 164 { |
| 165 // acl. |
| 166 { |
| 167 ACL_REVISION, // AclRevision. |
| 168 0, // Sbz1. |
| 169 sizeof(kSecDescBlob.sacl), // AclSize. |
| 170 arraysize(kSecDescBlob.sacl.ace), // AceCount. |
| 171 0, // Sbz2. |
| 172 }, |
| 173 |
| 174 // ace[0]. |
| 175 { |
| 176 { |
| 177 // header. |
| 178 { |
| 179 SYSTEM_MANDATORY_LABEL_ACE_TYPE, // AceType. |
| 180 0, // AceFlags. |
| 181 sizeof(kSecDescBlob.sacl.ace[0]), // AceSize. |
| 182 }, |
| 183 |
| 184 // mask. |
| 185 0, |
| 186 |
| 187 // sid. |
| 188 { |
| 189 SID_REVISION, // Revision. |
| 190 // SubAuthorityCount. |
| 191 arraysize(kSecDescBlob.sacl.ace[0].sid.SubAuthority), |
| 192 // IdentifierAuthority. |
| 193 {SECURITY_MANDATORY_LABEL_AUTHORITY}, |
| 194 {SECURITY_MANDATORY_UNTRUSTED_RID}, // SubAuthority. |
| 195 }, |
| 196 }, |
| 197 }, |
| 198 }, |
| 199 }; |
| 200 #pragma pack(pop) |
| 201 |
| 202 if (size) |
| 203 *size = sizeof(kSecDescBlob); |
| 204 return reinterpret_cast<const void*>(&kSecDescBlob); |
| 205 } |
| 206 |
| 139 } // namespace crashpad | 207 } // namespace crashpad |
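Review bot: Nothing in GetSecurityDescriptorForNamedPipeInstance() checks at compile time that the hand-packed kSecDescBlob still has the self-relative layout the system will parse. AclSize, AceSize and SubAuthorityCount are all derived from sizeof/arraysize of the blob's own members, so a packing or header change would silently yield a different descriptor. Because this blob is what labels the first pipe instance at untrusted integrity, I would add right after the definition `static_assert(sizeof(kSecDescBlob.sacl.ace[0]) == offsetof(SYSTEM_MANDATORY_LABEL_ACE, SidStart) + sizeof(SID), "ACE size");`. A unit test comparing the returned bytes with what ConvertStringSecurityDescriptorToSecurityDescriptor() produces for "S:(ML;;;;;S-1-16-0)" would pin the equivalence the comment claims; the `size` out-parameter looks intended for that, but no such test is visible on this page.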