OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/win/chrome_elf_init.h" | 5 #include "chrome/browser/win/chrome_elf_init.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include "base/bind.h" | 9 #include "base/bind.h" |
10 #include "base/metrics/field_trial.h" | 10 #include "base/metrics/field_trial.h" |
11 #include "base/metrics/histogram_macros.h" | 11 #include "base/metrics/histogram_macros.h" |
12 #include "base/metrics/sparse_histogram.h" | 12 #include "base/metrics/sparse_histogram.h" |
13 #include "base/strings/utf_string_conversions.h" | 13 #include "base/strings/utf_string_conversions.h" |
14 #include "base/win/registry.h" | 14 #include "base/win/registry.h" |
15 #include "chrome/common/chrome_version.h" | 15 #include "chrome/common/chrome_version.h" |
16 #include "chrome/install_static/install_util.h" | |
16 #include "chrome_elf/blacklist/blacklist.h" | 17 #include "chrome_elf/blacklist/blacklist.h" |
17 #include "chrome_elf/chrome_elf_constants.h" | 18 #include "chrome_elf/chrome_elf_constants.h" |
18 #include "chrome_elf/dll_hash/dll_hash.h" | 19 #include "chrome_elf/dll_hash/dll_hash.h" |
19 #include "components/variations/variations_associated_data.h" | 20 #include "components/variations/variations_associated_data.h" |
20 #include "content/public/browser/browser_thread.h" | 21 #include "content/public/browser/browser_thread.h" |
21 #include "content/public/common/content_features.h" | 22 #include "content/public/common/content_features.h" |
22 | 23 |
23 const char kBrowserBlacklistTrialName[] = "BrowserBlacklist"; | 24 const char kBrowserBlacklistTrialName[] = "BrowserBlacklist"; |
24 const char kBrowserBlacklistTrialDisabledGroupName[] = "NoBlacklist"; | 25 const char kBrowserBlacklistTrialDisabledGroupName[] = "NoBlacklist"; |
25 | 26 |
(...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
108 content::BrowserThread::PostDelayedTask( | 109 content::BrowserThread::PostDelayedTask( |
109 content::BrowserThread::UI, | 110 content::BrowserThread::UI, |
110 FROM_HERE, | 111 FROM_HERE, |
111 base::Bind(&ReportSuccessfulBlocks), | 112 base::Bind(&ReportSuccessfulBlocks), |
112 base::TimeDelta::FromSeconds(kBlacklistReportingDelaySec)); | 113 base::TimeDelta::FromSeconds(kBlacklistReportingDelaySec)); |
113 | 114 |
114 // Make sure the early finch emergency "off switch" for | 115 // Make sure the early finch emergency "off switch" for |
115 // sandbox::MITIGATION_EXTENSION_POINT_DISABLE is set properly in reg. | 116 // sandbox::MITIGATION_EXTENSION_POINT_DISABLE is set properly in reg. |
116 // Note: the very existence of this key signals elf to not enable | 117 // Note: the very existence of this key signals elf to not enable |
117 // this mitigation on browser next start. | 118 // this mitigation on browser next start. |
118 base::win::RegKey finch_security_registry_key( | 119 const base::string16 finch_path(install_static::GetRegistryPath().append( |
119 HKEY_CURRENT_USER, elf_sec::kRegSecurityFinchPath, KEY_READ); | 120 elf_sec::kRegSecurityFinchKeyName)); |
121 base::win::RegKey finch_security_registry_key(HKEY_CURRENT_USER, | |
122 finch_path.c_str(), KEY_READ); | |
120 | 123 |
121 if (base::FeatureList::IsEnabled(features::kWinSboxDisableExtensionPoints)) { | 124 if (base::FeatureList::IsEnabled(features::kWinSboxDisableExtensionPoints)) { |
122 if (finch_security_registry_key.Valid()) | 125 if (finch_security_registry_key.Valid()) |
123 finch_security_registry_key.DeleteKey(L""); | 126 finch_security_registry_key.DeleteKey(L""); |
124 } else { | 127 } else { |
125 if (!finch_security_registry_key.Valid()) | 128 if (!finch_security_registry_key.Valid()) { |
126 finch_security_registry_key.Create( | 129 finch_security_registry_key.Create(HKEY_CURRENT_USER, finch_path.c_str(), |
127 HKEY_CURRENT_USER, elf_sec::kRegSecurityFinchPath, KEY_WRITE); | 130 KEY_WRITE); |
131 } | |
128 } | 132 } |
129 } | 133 } |
130 | 134 |
131 void BrowserBlacklistBeaconSetup() { | 135 void BrowserBlacklistBeaconSetup() { |
132 base::win::RegKey blacklist_registry_key(HKEY_CURRENT_USER, | 136 base::win::RegKey blacklist_registry_key(HKEY_CURRENT_USER, |
133 blacklist::kRegistryBeaconPath, | 137 blacklist::kRegistryBeaconPath, |
grt (UTC plus 2)
2017/03/20 12:55:20
oops, missed this one. will address in the next pa
grt (UTC plus 2)
2017/03/20 20:13:36
Done.
| |
134 KEY_QUERY_VALUE | KEY_SET_VALUE); | 138 KEY_QUERY_VALUE | KEY_SET_VALUE); |
135 | 139 |
136 // No point in trying to continue if the registry key isn't valid. | 140 // No point in trying to continue if the registry key isn't valid. |
137 if (!blacklist_registry_key.Valid()) | 141 if (!blacklist_registry_key.Valid()) |
138 return; | 142 return; |
139 | 143 |
140 // Record the results of the last blacklist setup. | 144 // Record the results of the last blacklist setup. |
141 DWORD blacklist_state = blacklist::BLACKLIST_STATE_MAX; | 145 DWORD blacklist_state = blacklist::BLACKLIST_STATE_MAX; |
142 blacklist_registry_key.ReadValueDW(blacklist::kBeaconState, &blacklist_state); | 146 blacklist_registry_key.ReadValueDW(blacklist::kBeaconState, &blacklist_state); |
143 | 147 |
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
186 | 190 |
187 blacklist_registry_key.WriteValue(blacklist::kBeaconAttemptCount, | 191 blacklist_registry_key.WriteValue(blacklist::kBeaconAttemptCount, |
188 static_cast<DWORD>(0)); | 192 static_cast<DWORD>(0)); |
189 | 193 |
190 // Only report the blacklist as getting setup when both registry writes | 194 // Only report the blacklist as getting setup when both registry writes |
191 // succeed, since otherwise the blacklist wasn't properly setup. | 195 // succeed, since otherwise the blacklist wasn't properly setup. |
192 if (set_version == ERROR_SUCCESS && set_state == ERROR_SUCCESS) | 196 if (set_version == ERROR_SUCCESS && set_state == ERROR_SUCCESS) |
193 RecordBlacklistSetupEvent(BLACKLIST_SETUP_ENABLED); | 197 RecordBlacklistSetupEvent(BLACKLIST_SETUP_ENABLED); |
194 } | 198 } |
195 } | 199 } |
OLD | NEW |