
Side by Side Diff: sandbox/win/src/process_mitigations.cc

Issue 810083002: Added a new process mitigation to harden process token IL policy. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Changed comments to correctly indicate Windows 7 Created 6 years ago
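--- a/sandbox/win/src/process_mitigations.cc
+++ b/sandbox/win/src/process_mitigations.cc
@@ -1,20 +1,21 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sandbox/win/src/process_mitigations.h"
 
 #include <algorithm>
 
 #include "base/win/windows_version.h"
 #include "sandbox/win/src/nt_internals.h"
+#include "sandbox/win/src/restricted_token_utils.h"
 #include "sandbox/win/src/win_utils.h"
 
 namespace {
 
 // Functions for enabling policies.
 typedef BOOL (WINAPI *SetProcessDEPPolicyFunction)(DWORD dwFlags);
 
 typedef BOOL (WINAPI *SetProcessMitigationPolicyFunction)(
 PROCESS_MITIGATION_POLICY mitigation_policy,
 PVOID buffer,
@@ -52,20 +53,27 @@
 // Set the heap to terminate on corruption
 if (version >= base::win::VERSION_VISTA &&
 (flags & MITIGATION_HEAP_TERMINATE)) {
 if (!::HeapSetInformation(NULL, HeapEnableTerminationOnCorruption,
 NULL, 0) &&
 ERROR_ACCESS_DENIED != ::GetLastError()) {
 return false;
 }
 }
 
+if (version >= base::win::VERSION_WIN7 &&
+(flags & MITIGATION_HARDEN_TOKEN_IL_POLICY)) {
+DWORD error = HardenProcessIntegrityLevelPolicy();
+if ((error != ERROR_SUCCESS) && (error != ERROR_ACCESS_DENIED))
+return false;
+}
+
 #if !defined(_WIN64) // DEP is always enabled on 64-bit.
 if (flags & MITIGATION_DEP) {
 DWORD dep_flags = PROCESS_DEP_ENABLE;
 // DEP support is quirky on XP, so don't force a failure in that case.
 const bool return_on_fail = version >= base::win::VERSION_VISTA;
 
 if (flags & MITIGATION_DEP_NO_ATL_THUNK)
 dep_flags |= PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION;
 
 SetProcessDEPPolicyFunction set_process_dep_policy =
@@ -302,21 +310,22 @@
 bool CanSetProcessMitigationsPostStartup(MitigationFlags flags) {
 // All of these mitigations can be enabled after startup.
 return !(flags & ~(MITIGATION_HEAP_TERMINATE |
 MITIGATION_DEP |
 MITIGATION_DEP_NO_ATL_THUNK |
 MITIGATION_RELOCATE_IMAGE |
 MITIGATION_RELOCATE_IMAGE_REQUIRED |
 MITIGATION_BOTTOM_UP_ASLR |
 MITIGATION_STRICT_HANDLE_CHECKS |
 MITIGATION_EXTENSION_DLL_DISABLE |
-MITIGATION_DLL_SEARCH_ORDER));
+MITIGATION_DLL_SEARCH_ORDER |
+MITIGATION_HARDEN_TOKEN_IL_POLICY));
 }
 
 bool CanSetProcessMitigationsPreStartup(MitigationFlags flags) {
 // These mitigations cannot be enabled prior to startup.
 return !(flags & (MITIGATION_STRICT_HANDLE_CHECKS |
 MITIGATION_DLL_SEARCH_ORDER));
 }
 
 } // namespace sandbox
 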
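Review bot: In the new MITIGATION_HARDEN_TOKEN_IL_POLICY block, an ERROR_ACCESS_DENIED result from HardenProcessIntegrityLevelPolicy() is treated the same as success, so the enclosing function can report success while the token's integrity-level policy was left unchanged. This mirrors the HeapSetInformation handling just above, but unlike that block the new one carries no comment, and the reason the failure is acceptable is not visible here. I would add a comment such as `// Harden the process token's integrity-level policy. ERROR_ACCESS_DENIED is tolerated, so the policy may remain unhardened.` and, if the helper can tell the cases apart, tolerate only the case where the policy is already in place. The block is also skipped without any signal below VERSION_WIN7, and the enclosing function begins outside the displayed lines.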