| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/strings/stringprintf.h" | 5 #include "base/strings/stringprintf.h" |
| 6 #include "base/win/scoped_handle.h" | 6 #include "base/win/scoped_handle.h" |
| 7 | 7 |
| 8 #include "base/win/windows_version.h" | 8 #include "base/win/windows_version.h" |
| 9 #include "sandbox/win/src/nt_internals.h" | 9 #include "sandbox/win/src/nt_internals.h" |
| 10 #include "sandbox/win/src/process_mitigations.h" | 10 #include "sandbox/win/src/process_mitigations.h" |
| (...skipping 111 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 122 sandbox::MitigationFlags mitigations = MITIGATION_DEP | | 122 sandbox::MitigationFlags mitigations = MITIGATION_DEP | |
| 123 MITIGATION_DEP_NO_ATL_THUNK | | 123 MITIGATION_DEP_NO_ATL_THUNK | |
| 124 MITIGATION_EXTENSION_DLL_DISABLE; | 124 MITIGATION_EXTENSION_DLL_DISABLE; |
| 125 #if defined(NDEBUG) // ASLR cannot be forced in debug builds. | 125 #if defined(NDEBUG) // ASLR cannot be forced in debug builds. |
| 126 mitigations |= MITIGATION_RELOCATE_IMAGE | | 126 mitigations |= MITIGATION_RELOCATE_IMAGE | |
| 127 MITIGATION_RELOCATE_IMAGE_REQUIRED; | 127 MITIGATION_RELOCATE_IMAGE_REQUIRED; |
| 128 #endif | 128 #endif |
| 129 | 129 |
| 130 EXPECT_EQ(policy->SetProcessMitigations(mitigations), SBOX_ALL_OK); | 130 EXPECT_EQ(policy->SetProcessMitigations(mitigations), SBOX_ALL_OK); |
| 131 | 131 |
| 132 mitigations |= MITIGATION_STRICT_HANDLE_CHECKS | | 132 mitigations |= MITIGATION_STRICT_HANDLE_CHECKS; |
| 133 MITIGATION_WIN32K_DISABLE; | |
| 134 | 133 |
| 135 EXPECT_EQ(policy->SetDelayedProcessMitigations(mitigations), SBOX_ALL_OK); | 134 EXPECT_EQ(policy->SetDelayedProcessMitigations(mitigations), SBOX_ALL_OK); |
| 136 | 135 |
| 137 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"CheckWin8")); | 136 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"CheckWin8")); |
| 138 } | 137 } |
| 139 | 138 |
| 140 | 139 |
| 141 SBOX_TESTS_COMMAND int CheckDep(int argc, wchar_t **argv) { | 140 SBOX_TESTS_COMMAND int CheckDep(int argc, wchar_t **argv) { |
| 142 GetProcessDEPPolicyFunction get_process_dep_policy = | 141 GetProcessDEPPolicyFunction get_process_dep_policy = |
| 143 reinterpret_cast<GetProcessDEPPolicyFunction>( | 142 reinterpret_cast<GetProcessDEPPolicyFunction>( |
| (...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 197 MITIGATION_DEP | | 196 MITIGATION_DEP | |
| 198 MITIGATION_DEP_NO_ATL_THUNK | | 197 MITIGATION_DEP_NO_ATL_THUNK | |
| 199 MITIGATION_SEHOP), | 198 MITIGATION_SEHOP), |
| 200 SBOX_ALL_OK); | 199 SBOX_ALL_OK); |
| 201 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"CheckDep")); | 200 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"CheckDep")); |
| 202 } | 201 } |
| 203 #endif | 202 #endif |
| 204 | 203 |
| 205 } // namespace sandbox | 204 } // namespace sandbox |
| 206 | 205 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 282133007:
Allow the MITIGATION_WIN32K_DISABLE process mitigation to be set in the renderer sandbox. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src