sandbox/win/src/sandbox_policy_base.cc - Issue 546903002: Added logging in PolicyBase::AddRule.

Side by Side Diff: sandbox/win/src/sandbox_policy_base.cc

Issue 546903002: Added logging in PolicyBase::AddRule. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Sat Sep 6 15:41:00 PDT 2014 Created 6 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "sandbox/win/src/sandbox_policy_base.h"	5 #include "sandbox/win/src/sandbox_policy_base.h"

6	6

7 #include <sddl.h>	7 #include <sddl.h>

8	8

9 #include "base/basictypes.h"	9 #include "base/basictypes.h"

10 #include "base/callback.h"	10 #include "base/callback.h"

(...skipping 355 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
366 return SBOX_ALL_OK;	366 return SBOX_ALL_OK;

367 }	367 }

368	368

369 ResultCode PolicyBase::SetStderrHandle(HANDLE handle) {	369 ResultCode PolicyBase::SetStderrHandle(HANDLE handle) {

370 if (!IsInheritableHandle(handle))	370 if (!IsInheritableHandle(handle))

371 return SBOX_ERROR_BAD_PARAMS;	371 return SBOX_ERROR_BAD_PARAMS;

372 stderr_handle_ = handle;	372 stderr_handle_ = handle;

373 return SBOX_ALL_OK;	373 return SBOX_ALL_OK;

374 }	374 }

375	375

376 ResultCode PolicyBase::AddRule(SubSystem subsystem, Semantics semantics,	376 ResultCode PolicyBase::AddRule(SubSystem subsystem,

	377 Semantics semantics,

377 const wchar_t* pattern) {	378 const wchar_t* pattern) {

378 if (NULL == policy_) {	379 ResultCode result = AddRuleInternal(subsystem, semantics, pattern);

379 policy_ = MakeBrokerPolicyMemory();	380 LOG_IF(ERROR, result != SBOX_ALL_OK) << "Failed to add sandbox rule."

380 DCHECK(policy_);	381 << " error = " << result

381 policy_maker_ = new LowLevelPolicy(policy_);	382 << ", subsystem = " << subsystem

382 DCHECK(policy_maker_);	383 << ", semantics = " << semantics

383 }	384 << ", pattern = '" << pattern << "'";

384	385 return result;

385 switch (subsystem) {

386 case SUBSYS_FILES: {

387 if (!file_system_init_) {

388 if (!FileSystemPolicy::SetInitialRules(policy_maker_))

389 return SBOX_ERROR_BAD_PARAMS;

390 file_system_init_ = true;

391 }

392 if (!FileSystemPolicy::GenerateRules(pattern, semantics, policy_maker_)) {

393 NOTREACHED();

394 return SBOX_ERROR_BAD_PARAMS;

395 }

396 break;

397 }

398 case SUBSYS_SYNC: {

399 if (!SyncPolicy::GenerateRules(pattern, semantics, policy_maker_)) {

400 NOTREACHED();

401 return SBOX_ERROR_BAD_PARAMS;

402 }

403 break;

404 }

405 case SUBSYS_PROCESS: {

406 if (lockdown_level_ < USER_INTERACTIVE &&

407 TargetPolicy::PROCESS_ALL_EXEC == semantics) {

408 // This is unsupported. This is a huge security risk to give full access

409 // to a process handle.

410 return SBOX_ERROR_UNSUPPORTED;

411 }

412 if (!ProcessPolicy::GenerateRules(pattern, semantics, policy_maker_)) {

413 NOTREACHED();

414 return SBOX_ERROR_BAD_PARAMS;

415 }

416 break;

417 }

418 case SUBSYS_NAMED_PIPES: {

419 if (!NamedPipePolicy::GenerateRules(pattern, semantics, policy_maker_)) {

420 NOTREACHED();

421 return SBOX_ERROR_BAD_PARAMS;

422 }

423 break;

424 }

425 case SUBSYS_REGISTRY: {

426 if (!RegistryPolicy::GenerateRules(pattern, semantics, policy_maker_)) {

427 NOTREACHED();

428 return SBOX_ERROR_BAD_PARAMS;

429 }

430 break;

431 }

432 case SUBSYS_HANDLES: {

433 if (!HandlePolicy::GenerateRules(pattern, semantics, policy_maker_)) {

434 NOTREACHED();

435 return SBOX_ERROR_BAD_PARAMS;

436 }

437 break;

438 }

439

440 case SUBSYS_WIN32K_LOCKDOWN: {

441 if (!ProcessMitigationsWin32KLockdownPolicy::GenerateRules(

442 pattern, semantics,policy_maker_)) {

443 NOTREACHED();

444 return SBOX_ERROR_BAD_PARAMS;

445 }

446 break;

447 }

448

449 default: {

450 return SBOX_ERROR_UNSUPPORTED;

451 }

452 }

453

454 return SBOX_ALL_OK;

455 }	386 }

456	387

457 ResultCode PolicyBase::AddDllToUnload(const wchar_t* dll_name) {	388 ResultCode PolicyBase::AddDllToUnload(const wchar_t* dll_name) {

458 blacklisted_dlls_.push_back(dll_name);	389 blacklisted_dlls_.push_back(dll_name);

459 return SBOX_ALL_OK;	390 return SBOX_ALL_OK;

460 }	391 }

461	392

462 ResultCode PolicyBase::AddKernelObjectToClose(const base::char16* handle_type,	393 ResultCode PolicyBase::AddKernelObjectToClose(const base::char16* handle_type,

463 const base::char16* handle_name) {	394 const base::char16* handle_name) {

464 return handle_closer_.AddHandle(handle_type, handle_name);	395 return handle_closer_.AddHandle(handle_type, handle_name);

(...skipping 263 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
728 return false;	659 return false;

729	660

730 // Finally, setup imports on the target so the interceptions can work.	661 // Finally, setup imports on the target so the interceptions can work.

731 return SetupNtdllImports(target);	662 return SetupNtdllImports(target);

732 }	663 }

733	664

734 bool PolicyBase::SetupHandleCloser(TargetProcess* target) {	665 bool PolicyBase::SetupHandleCloser(TargetProcess* target) {

735 return handle_closer_.InitializeTargetHandles(target);	666 return handle_closer_.InitializeTargetHandles(target);

736 }	667 }

737	668

	669 ResultCode PolicyBase::AddRuleInternal(SubSystem subsystem,

	670 Semantics semantics,

	671 const wchar_t* pattern) {

	672 if (NULL == policy_) {

	673 policy_ = MakeBrokerPolicyMemory();

	674 DCHECK(policy_);

	675 policy_maker_ = new LowLevelPolicy(policy_);

	676 DCHECK(policy_maker_);

	677 }

	678

	679 switch (subsystem) {

	680 case SUBSYS_FILES: {

	681 if (!file_system_init_) {

	682 if (!FileSystemPolicy::SetInitialRules(policy_maker_))

	683 return SBOX_ERROR_BAD_PARAMS;

	684 file_system_init_ = true;

	685 }

	686 if (!FileSystemPolicy::GenerateRules(pattern, semantics, policy_maker_)) {

	687 NOTREACHED();

	688 return SBOX_ERROR_BAD_PARAMS;

	689 }

	690 break;

	691 }

	692 case SUBSYS_SYNC: {

	693 if (!SyncPolicy::GenerateRules(pattern, semantics, policy_maker_)) {

	694 NOTREACHED();

	695 return SBOX_ERROR_BAD_PARAMS;

	696 }

	697 break;

	698 }

	699 case SUBSYS_PROCESS: {

	700 if (lockdown_level_ < USER_INTERACTIVE &&

	701 TargetPolicy::PROCESS_ALL_EXEC == semantics) {

	702 // This is unsupported. This is a huge security risk to give full access

	703 // to a process handle.

	704 return SBOX_ERROR_UNSUPPORTED;

	705 }

	706 if (!ProcessPolicy::GenerateRules(pattern, semantics, policy_maker_)) {

	707 NOTREACHED();

	708 return SBOX_ERROR_BAD_PARAMS;

	709 }

	710 break;

	711 }

	712 case SUBSYS_NAMED_PIPES: {

	713 if (!NamedPipePolicy::GenerateRules(pattern, semantics, policy_maker_)) {

	714 NOTREACHED();

	715 return SBOX_ERROR_BAD_PARAMS;

	716 }

	717 break;

	718 }

	719 case SUBSYS_REGISTRY: {

	720 if (!RegistryPolicy::GenerateRules(pattern, semantics, policy_maker_)) {

	721 NOTREACHED();

	722 return SBOX_ERROR_BAD_PARAMS;

	723 }

	724 break;

	725 }

	726 case SUBSYS_HANDLES: {

	727 if (!HandlePolicy::GenerateRules(pattern, semantics, policy_maker_)) {

	728 NOTREACHED();

	729 return SBOX_ERROR_BAD_PARAMS;

	730 }

	731 break;

	732 }

	733

	734 case SUBSYS_WIN32K_LOCKDOWN: {

	735 if (!ProcessMitigationsWin32KLockdownPolicy::GenerateRules(

	736 pattern, semantics, policy_maker_)) {

	737 NOTREACHED();

	738 return SBOX_ERROR_BAD_PARAMS;

	739 }

	740 break;

	741 }

	742

	743 default: { return SBOX_ERROR_UNSUPPORTED; }

	744 }

	745

	746 return SBOX_ALL_OK;

	747 }

	748

738 } // namespace sandbox	749 } // namespace sandbox

OLD	NEW

« no previous file with comments | « sandbox/win/src/sandbox_policy_base.h ('k') | no next file » | no next file with comments »