Sandbox policy and intercepts for the MITIGATION_WIN32K_DISABLE policy for renderer processes.

sandbox/win/src/process_mitigations_test.cc

Index: sandbox/win/src/process_mitigations_test.cc
diff --git a/sandbox/win/src/process_mitigations_test.cc b/sandbox/win/src/process_mitigations_test.cc
index 19e55bac2b91715d0c536ab37bc9dce685e7aebf..d231c55fa026e2887e01cadd2990bac8e045eb38 100644
--- a/sandbox/win/src/process_mitigations_test.cc
+++ b/sandbox/win/src/process_mitigations_test.cc
@@ -88,7 +88,6 @@ SBOX_TESTS_COMMAND int CheckWin8(int argc, wchar_t **argv) {
       reinterpret_cast<GetProcessMitigationPolicyFunction>(
           ::GetProcAddress(::GetModuleHandleW(L"kernel32.dll"),
                            "GetProcessMitigationPolicy"));
-
   if (!get_process_mitigation_policy)
     return SBOX_TEST_NOT_FOUND;
 
@@ -103,9 +102,6 @@ SBOX_TESTS_COMMAND int CheckWin8(int argc, wchar_t **argv) {
   if (!CheckWin8StrictHandlePolicy())
     return SBOX_TEST_THIRD_ERROR;
 
-  if (!CheckWin8Win32CallPolicy())
-    return SBOX_TEST_FOURTH_ERROR;
-
   if (!CheckWin8DllExtensionPolicy())
     return SBOX_TEST_FIFTH_ERROR;
 
@@ -201,5 +197,52 @@ TEST(ProcessMitigationsTest, CheckDep) {
 }
 #endif
 
+SBOX_TESTS_COMMAND int CheckWin8Lockdown(int argc, wchar_t **argv) {
+  get_process_mitigation_policy =
+      reinterpret_cast<GetProcessMitigationPolicyFunction>(
+          ::GetProcAddress(::GetModuleHandleW(L"kernel32.dll"),
+                           "GetProcessMitigationPolicy"));
+  if (!get_process_mitigation_policy)
+    return SBOX_TEST_NOT_FOUND;
+
+  if (!CheckWin8Win32CallPolicy())
+    return SBOX_TEST_FIRST_ERROR;
+  return SBOX_TEST_SUCCEEDED;
+}
+
+// This test validates that setting the MITIGATION_WIN32K_DISABLE mitigation on
+// the target process causes the launch to fail in process initialization.
+// The test process itself links against user32/gdi32.
+TEST(ProcessMitigationsTest, CheckWin8Win32KLockDownFailure) {
+  if (base::win::GetVersion() < base::win::VERSION_WIN8)
+    return;
+
+  TestRunner runner;
+  sandbox::TargetPolicy* policy = runner.GetPolicy();
+
+  EXPECT_EQ(policy->SetProcessMitigations(MITIGATION_WIN32K_DISABLE),
+            SBOX_ALL_OK);
+  EXPECT_NE(SBOX_TEST_SUCCEEDED, runner.RunTest(L"CheckWin8Lockdown"));
+}
+
+// This test validates that setting the MITIGATION_WIN32K_DISABLE mitigation 
+// along with the policy to fake user32 and gdi32 initialization successfully
+// launches the target process.
+// The test process itself links against user32/gdi32.
+TEST(ProcessMitigationsTest, CheckWin8Win32KLockDownSuccess) {
+  if (base::win::GetVersion() < base::win::VERSION_WIN8)
+    return;
+
+  TestRunner runner;
+  sandbox::TargetPolicy* policy = runner.GetPolicy();
+
+  EXPECT_EQ(policy->SetProcessMitigations(MITIGATION_WIN32K_DISABLE),
+                                          SBOX_ALL_OK);

[rvargas (doing something else), 2014/06/10 23:03:08]

nit: indent under first arg (policy->)

[ananta, 2014/06/10 23:15:57]

Done.

+  EXPECT_EQ(policy->AddRule(sandbox::TargetPolicy::SUBSYS_WIN32K_LOCKDOWN,
+                            sandbox::TargetPolicy::FAKE_USER_GDI_INIT,
+                            NULL), sandbox::SBOX_ALL_OK);

[rvargas (doing something else), 2014/06/10 23:03:08]

nit: move NULL to the previous line, and the result to indent under policy->

[ananta, 2014/06/10 23:15:57]

Done.

+  EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"CheckWin8Lockdown"));
+}
+
 }  // namespace sandbox