| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/win/chrome_elf_init.h" | 5 #include "chrome/browser/win/chrome_elf_init.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/metrics/field_trial.h" | 10 #include "base/metrics/field_trial.h" |
| 11 #include "base/metrics/histogram_macros.h" | 11 #include "base/metrics/histogram_macros.h" |
| 12 #include "base/metrics/sparse_histogram.h" | 12 #include "base/metrics/sparse_histogram.h" |
| 13 #include "base/strings/utf_string_conversions.h" | 13 #include "base/strings/utf_string_conversions.h" |
| 14 #include "base/win/registry.h" | 14 #include "base/win/registry.h" |
| 15 #include "chrome/common/chrome_version.h" | 15 #include "chrome/common/chrome_version.h" |
| 16 #include "chrome/install_static/install_util.h" |
| 16 #include "chrome_elf/blacklist/blacklist.h" | 17 #include "chrome_elf/blacklist/blacklist.h" |
| 17 #include "chrome_elf/chrome_elf_constants.h" | 18 #include "chrome_elf/chrome_elf_constants.h" |
| 18 #include "chrome_elf/dll_hash/dll_hash.h" | 19 #include "chrome_elf/dll_hash/dll_hash.h" |
| 19 #include "components/variations/variations_associated_data.h" | 20 #include "components/variations/variations_associated_data.h" |
| 20 #include "content/public/browser/browser_thread.h" | 21 #include "content/public/browser/browser_thread.h" |
| 21 #include "content/public/common/content_features.h" | 22 #include "content/public/common/content_features.h" |
| 22 | 23 |
| 23 const char kBrowserBlacklistTrialName[] = "BrowserBlacklist"; | 24 const char kBrowserBlacklistTrialName[] = "BrowserBlacklist"; |
| 24 const char kBrowserBlacklistTrialDisabledGroupName[] = "NoBlacklist"; | 25 const char kBrowserBlacklistTrialDisabledGroupName[] = "NoBlacklist"; |
| 25 | 26 |
| (...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 80 // Send up the hashes of the blocked dlls via UMA. | 81 // Send up the hashes of the blocked dlls via UMA. |
| 81 for (size_t i = 0; i < blocked_dlls.size(); ++i) { | 82 for (size_t i = 0; i < blocked_dlls.size(); ++i) { |
| 82 std::string dll_name_utf8; | 83 std::string dll_name_utf8; |
| 83 base::WideToUTF8(blocked_dlls[i], wcslen(blocked_dlls[i]), &dll_name_utf8); | 84 base::WideToUTF8(blocked_dlls[i], wcslen(blocked_dlls[i]), &dll_name_utf8); |
| 84 int uma_hash = DllNameToHash(dll_name_utf8); | 85 int uma_hash = DllNameToHash(dll_name_utf8); |
| 85 | 86 |
| 86 UMA_HISTOGRAM_SPARSE_SLOWLY("Blacklist.Blocked", uma_hash); | 87 UMA_HISTOGRAM_SPARSE_SLOWLY("Blacklist.Blocked", uma_hash); |
| 87 } | 88 } |
| 88 } | 89 } |
| 89 | 90 |
| 91 base::string16 GetBeaconRegistryPath() { |
| 92 return install_static::GetRegistryPath().append(kRegistryBeaconKeyName); |
| 93 } |
| 94 |
| 90 } // namespace | 95 } // namespace |
| 91 | 96 |
| 92 void InitializeChromeElf() { | 97 void InitializeChromeElf() { |
| 93 if (base::FieldTrialList::FindFullName(kBrowserBlacklistTrialName) == | 98 if (base::FieldTrialList::FindFullName(kBrowserBlacklistTrialName) == |
| 94 kBrowserBlacklistTrialDisabledGroupName) { | 99 kBrowserBlacklistTrialDisabledGroupName) { |
| 95 // Disable the blacklist for all future runs by removing the beacon. | 100 // Disable the blacklist for all future runs by removing the beacon. |
| 96 base::win::RegKey blacklist_registry_key(HKEY_CURRENT_USER); | 101 base::win::RegKey blacklist_registry_key(HKEY_CURRENT_USER); |
| 97 blacklist_registry_key.DeleteKey(blacklist::kRegistryBeaconPath); | 102 blacklist_registry_key.DeleteKey(GetBeaconRegistryPath().c_str()); |
| 98 } else { | 103 } else { |
| 99 BrowserBlacklistBeaconSetup(); | 104 BrowserBlacklistBeaconSetup(); |
| 100 } | 105 } |
| 101 | 106 |
| 102 // Report all successful blacklist interceptions. | 107 // Report all successful blacklist interceptions. |
| 103 ReportSuccessfulBlocks(); | 108 ReportSuccessfulBlocks(); |
| 104 | 109 |
| 105 // Schedule another task to report all successful interceptions later. | 110 // Schedule another task to report all successful interceptions later. |
| 106 // This time delay should be long enough to catch any dlls that attempt to | 111 // This time delay should be long enough to catch any dlls that attempt to |
| 107 // inject after Chrome has started up. | 112 // inject after Chrome has started up. |
| 108 content::BrowserThread::PostDelayedTask( | 113 content::BrowserThread::PostDelayedTask( |
| 109 content::BrowserThread::UI, | 114 content::BrowserThread::UI, |
| 110 FROM_HERE, | 115 FROM_HERE, |
| 111 base::Bind(&ReportSuccessfulBlocks), | 116 base::Bind(&ReportSuccessfulBlocks), |
| 112 base::TimeDelta::FromSeconds(kBlacklistReportingDelaySec)); | 117 base::TimeDelta::FromSeconds(kBlacklistReportingDelaySec)); |
| 113 | 118 |
| 114 // Make sure the early finch emergency "off switch" for | 119 // Make sure the early finch emergency "off switch" for |
| 115 // sandbox::MITIGATION_EXTENSION_POINT_DISABLE is set properly in reg. | 120 // sandbox::MITIGATION_EXTENSION_POINT_DISABLE is set properly in reg. |
| 116 // Note: the very existence of this key signals elf to not enable | 121 // Note: the very existence of this key signals elf to not enable |
| 117 // this mitigation on browser next start. | 122 // this mitigation on browser next start. |
| 118 base::win::RegKey finch_security_registry_key( | 123 const base::string16 finch_path(install_static::GetRegistryPath().append( |
| 119 HKEY_CURRENT_USER, elf_sec::kRegSecurityFinchPath, KEY_READ); | 124 elf_sec::kRegSecurityFinchKeyName)); |
| 125 base::win::RegKey finch_security_registry_key(HKEY_CURRENT_USER, |
| 126 finch_path.c_str(), KEY_READ); |
| 120 | 127 |
| 121 if (base::FeatureList::IsEnabled(features::kWinSboxDisableExtensionPoints)) { | 128 if (base::FeatureList::IsEnabled(features::kWinSboxDisableExtensionPoints)) { |
| 122 if (finch_security_registry_key.Valid()) | 129 if (finch_security_registry_key.Valid()) |
| 123 finch_security_registry_key.DeleteKey(L""); | 130 finch_security_registry_key.DeleteKey(L""); |
| 124 } else { | 131 } else { |
| 125 if (!finch_security_registry_key.Valid()) | 132 if (!finch_security_registry_key.Valid()) { |
| 126 finch_security_registry_key.Create( | 133 finch_security_registry_key.Create(HKEY_CURRENT_USER, finch_path.c_str(), |
| 127 HKEY_CURRENT_USER, elf_sec::kRegSecurityFinchPath, KEY_WRITE); | 134 KEY_WRITE); |
| 135 } |
| 128 } | 136 } |
| 129 } | 137 } |
| 130 | 138 |
| 131 void BrowserBlacklistBeaconSetup() { | 139 void BrowserBlacklistBeaconSetup() { |
| 132 base::win::RegKey blacklist_registry_key(HKEY_CURRENT_USER, | 140 base::win::RegKey blacklist_registry_key(HKEY_CURRENT_USER, |
| 133 blacklist::kRegistryBeaconPath, | 141 GetBeaconRegistryPath().c_str(), |
| 134 KEY_QUERY_VALUE | KEY_SET_VALUE); | 142 KEY_QUERY_VALUE | KEY_SET_VALUE); |
| 135 | 143 |
| 136 // No point in trying to continue if the registry key isn't valid. | 144 // No point in trying to continue if the registry key isn't valid. |
| 137 if (!blacklist_registry_key.Valid()) | 145 if (!blacklist_registry_key.Valid()) |
| 138 return; | 146 return; |
| 139 | 147 |
| 140 // Record the results of the last blacklist setup. | 148 // Record the results of the last blacklist setup. |
| 141 DWORD blacklist_state = blacklist::BLACKLIST_STATE_MAX; | 149 DWORD blacklist_state = blacklist::BLACKLIST_STATE_MAX; |
| 142 blacklist_registry_key.ReadValueDW(blacklist::kBeaconState, &blacklist_state); | 150 blacklist_registry_key.ReadValueDW(blacklist::kBeaconState, &blacklist_state); |
| 143 | 151 |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 186 | 194 |
| 187 blacklist_registry_key.WriteValue(blacklist::kBeaconAttemptCount, | 195 blacklist_registry_key.WriteValue(blacklist::kBeaconAttemptCount, |
| 188 static_cast<DWORD>(0)); | 196 static_cast<DWORD>(0)); |
| 189 | 197 |
| 190 // Only report the blacklist as getting setup when both registry writes | 198 // Only report the blacklist as getting setup when both registry writes |
| 191 // succeed, since otherwise the blacklist wasn't properly setup. | 199 // succeed, since otherwise the blacklist wasn't properly setup. |
| 192 if (set_version == ERROR_SUCCESS && set_state == ERROR_SUCCESS) | 200 if (set_version == ERROR_SUCCESS && set_state == ERROR_SUCCESS) |
| 193 RecordBlacklistSetupEvent(BLACKLIST_SETUP_ENABLED); | 201 RecordBlacklistSetupEvent(BLACKLIST_SETUP_ENABLED); |
| 194 } | 202 } |
| 195 } | 203 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2760853002:
Remove use of PRODUCT_STRING_PATH in chrome_elf. (Closed)
