OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/win/chrome_elf_init.h" | 5 #include "chrome/browser/win/chrome_elf_init.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include "base/bind.h" | 9 #include "base/bind.h" |
10 #include "base/metrics/field_trial.h" | 10 #include "base/metrics/field_trial.h" |
11 #include "base/metrics/histogram_macros.h" | 11 #include "base/metrics/histogram_macros.h" |
12 #include "base/metrics/sparse_histogram.h" | 12 #include "base/metrics/sparse_histogram.h" |
13 #include "base/strings/utf_string_conversions.h" | 13 #include "base/strings/utf_string_conversions.h" |
14 #include "base/win/registry.h" | 14 #include "base/win/registry.h" |
15 #include "chrome/common/chrome_version.h" | 15 #include "chrome/common/chrome_version.h" |
| 16 #include "chrome/install_static/install_util.h" |
16 #include "chrome_elf/blacklist/blacklist.h" | 17 #include "chrome_elf/blacklist/blacklist.h" |
17 #include "chrome_elf/chrome_elf_constants.h" | 18 #include "chrome_elf/chrome_elf_constants.h" |
18 #include "chrome_elf/dll_hash/dll_hash.h" | 19 #include "chrome_elf/dll_hash/dll_hash.h" |
19 #include "components/variations/variations_associated_data.h" | 20 #include "components/variations/variations_associated_data.h" |
20 #include "content/public/browser/browser_thread.h" | 21 #include "content/public/browser/browser_thread.h" |
21 #include "content/public/common/content_features.h" | 22 #include "content/public/common/content_features.h" |
22 | 23 |
23 const char kBrowserBlacklistTrialName[] = "BrowserBlacklist"; | 24 const char kBrowserBlacklistTrialName[] = "BrowserBlacklist"; |
24 const char kBrowserBlacklistTrialDisabledGroupName[] = "NoBlacklist"; | 25 const char kBrowserBlacklistTrialDisabledGroupName[] = "NoBlacklist"; |
25 | 26 |
(...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
80 // Send up the hashes of the blocked dlls via UMA. | 81 // Send up the hashes of the blocked dlls via UMA. |
81 for (size_t i = 0; i < blocked_dlls.size(); ++i) { | 82 for (size_t i = 0; i < blocked_dlls.size(); ++i) { |
82 std::string dll_name_utf8; | 83 std::string dll_name_utf8; |
83 base::WideToUTF8(blocked_dlls[i], wcslen(blocked_dlls[i]), &dll_name_utf8); | 84 base::WideToUTF8(blocked_dlls[i], wcslen(blocked_dlls[i]), &dll_name_utf8); |
84 int uma_hash = DllNameToHash(dll_name_utf8); | 85 int uma_hash = DllNameToHash(dll_name_utf8); |
85 | 86 |
86 UMA_HISTOGRAM_SPARSE_SLOWLY("Blacklist.Blocked", uma_hash); | 87 UMA_HISTOGRAM_SPARSE_SLOWLY("Blacklist.Blocked", uma_hash); |
87 } | 88 } |
88 } | 89 } |
89 | 90 |
| 91 base::string16 GetBeaconRegistryPath() { |
| 92 return install_static::GetRegistryPath().append( |
| 93 blacklist::kRegistryBeaconKeyName); |
| 94 } |
| 95 |
90 } // namespace | 96 } // namespace |
91 | 97 |
92 void InitializeChromeElf() { | 98 void InitializeChromeElf() { |
93 if (base::FieldTrialList::FindFullName(kBrowserBlacklistTrialName) == | 99 if (base::FieldTrialList::FindFullName(kBrowserBlacklistTrialName) == |
94 kBrowserBlacklistTrialDisabledGroupName) { | 100 kBrowserBlacklistTrialDisabledGroupName) { |
95 // Disable the blacklist for all future runs by removing the beacon. | 101 // Disable the blacklist for all future runs by removing the beacon. |
96 base::win::RegKey blacklist_registry_key(HKEY_CURRENT_USER); | 102 base::win::RegKey blacklist_registry_key(HKEY_CURRENT_USER); |
97 blacklist_registry_key.DeleteKey(blacklist::kRegistryBeaconPath); | 103 blacklist_registry_key.DeleteKey(GetBeaconRegistryPath().c_str()); |
98 } else { | 104 } else { |
99 BrowserBlacklistBeaconSetup(); | 105 BrowserBlacklistBeaconSetup(); |
100 } | 106 } |
101 | 107 |
102 // Report all successful blacklist interceptions. | 108 // Report all successful blacklist interceptions. |
103 ReportSuccessfulBlocks(); | 109 ReportSuccessfulBlocks(); |
104 | 110 |
105 // Schedule another task to report all successful interceptions later. | 111 // Schedule another task to report all successful interceptions later. |
106 // This time delay should be long enough to catch any dlls that attempt to | 112 // This time delay should be long enough to catch any dlls that attempt to |
107 // inject after Chrome has started up. | 113 // inject after Chrome has started up. |
108 content::BrowserThread::PostDelayedTask( | 114 content::BrowserThread::PostDelayedTask( |
109 content::BrowserThread::UI, | 115 content::BrowserThread::UI, |
110 FROM_HERE, | 116 FROM_HERE, |
111 base::Bind(&ReportSuccessfulBlocks), | 117 base::Bind(&ReportSuccessfulBlocks), |
112 base::TimeDelta::FromSeconds(kBlacklistReportingDelaySec)); | 118 base::TimeDelta::FromSeconds(kBlacklistReportingDelaySec)); |
113 | 119 |
114 // Make sure the early finch emergency "off switch" for | 120 // Make sure the early finch emergency "off switch" for |
115 // sandbox::MITIGATION_EXTENSION_POINT_DISABLE is set properly in reg. | 121 // sandbox::MITIGATION_EXTENSION_POINT_DISABLE is set properly in reg. |
116 // Note: the very existence of this key signals elf to not enable | 122 // Note: the very existence of this key signals elf to not enable |
117 // this mitigation on browser next start. | 123 // this mitigation on browser next start. |
118 base::win::RegKey finch_security_registry_key( | 124 const base::string16 finch_path(install_static::GetRegistryPath().append( |
119 HKEY_CURRENT_USER, elf_sec::kRegSecurityFinchPath, KEY_READ); | 125 elf_sec::kRegSecurityFinchKeyName)); |
| 126 base::win::RegKey finch_security_registry_key(HKEY_CURRENT_USER, |
| 127 finch_path.c_str(), KEY_READ); |
120 | 128 |
121 if (base::FeatureList::IsEnabled(features::kWinSboxDisableExtensionPoints)) { | 129 if (base::FeatureList::IsEnabled(features::kWinSboxDisableExtensionPoints)) { |
122 if (finch_security_registry_key.Valid()) | 130 if (finch_security_registry_key.Valid()) |
123 finch_security_registry_key.DeleteKey(L""); | 131 finch_security_registry_key.DeleteKey(L""); |
124 } else { | 132 } else { |
125 if (!finch_security_registry_key.Valid()) | 133 if (!finch_security_registry_key.Valid()) { |
126 finch_security_registry_key.Create( | 134 finch_security_registry_key.Create(HKEY_CURRENT_USER, finch_path.c_str(), |
127 HKEY_CURRENT_USER, elf_sec::kRegSecurityFinchPath, KEY_WRITE); | 135 KEY_WRITE); |
| 136 } |
128 } | 137 } |
129 } | 138 } |
130 | 139 |
131 void BrowserBlacklistBeaconSetup() { | 140 void BrowserBlacklistBeaconSetup() { |
132 base::win::RegKey blacklist_registry_key(HKEY_CURRENT_USER, | 141 base::win::RegKey blacklist_registry_key(HKEY_CURRENT_USER, |
133 blacklist::kRegistryBeaconPath, | 142 GetBeaconRegistryPath().c_str(), |
134 KEY_QUERY_VALUE | KEY_SET_VALUE); | 143 KEY_QUERY_VALUE | KEY_SET_VALUE); |
135 | 144 |
136 // No point in trying to continue if the registry key isn't valid. | 145 // No point in trying to continue if the registry key isn't valid. |
137 if (!blacklist_registry_key.Valid()) | 146 if (!blacklist_registry_key.Valid()) |
138 return; | 147 return; |
139 | 148 |
140 // Record the results of the last blacklist setup. | 149 // Record the results of the last blacklist setup. |
141 DWORD blacklist_state = blacklist::BLACKLIST_STATE_MAX; | 150 DWORD blacklist_state = blacklist::BLACKLIST_STATE_MAX; |
142 blacklist_registry_key.ReadValueDW(blacklist::kBeaconState, &blacklist_state); | 151 blacklist_registry_key.ReadValueDW(blacklist::kBeaconState, &blacklist_state); |
143 | 152 |
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
186 | 195 |
187 blacklist_registry_key.WriteValue(blacklist::kBeaconAttemptCount, | 196 blacklist_registry_key.WriteValue(blacklist::kBeaconAttemptCount, |
188 static_cast<DWORD>(0)); | 197 static_cast<DWORD>(0)); |
189 | 198 |
190 // Only report the blacklist as getting setup when both registry writes | 199 // Only report the blacklist as getting setup when both registry writes |
191 // succeed, since otherwise the blacklist wasn't properly setup. | 200 // succeed, since otherwise the blacklist wasn't properly setup. |
192 if (set_version == ERROR_SUCCESS && set_state == ERROR_SUCCESS) | 201 if (set_version == ERROR_SUCCESS && set_state == ERROR_SUCCESS) |
193 RecordBlacklistSetupEvent(BLACKLIST_SETUP_ENABLED); | 202 RecordBlacklistSetupEvent(BLACKLIST_SETUP_ENABLED); |
194 } | 203 } |
195 } | 204 } |
OLD | NEW |