| OLD | NEW |
|---|
| 1 // Copyright (c) 2006-2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/src/process_thread_dispatcher.h" | 5 #include "sandbox/src/process_thread_dispatcher.h" |
| 6 | 6 |
| 7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/win_util.h" | 9 #include "base/win_util.h" |
| 10 #include "sandbox/src/crosscall_client.h" | 10 #include "sandbox/src/crosscall_client.h" |
| (...skipping 92 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 103 &ThreadProcessDispatcher::NtOpenThread) | 103 &ThreadProcessDispatcher::NtOpenThread) |
| 104 }; | 104 }; |
| 105 | 105 |
| 106 static const IPCCall open_process = { | 106 static const IPCCall open_process = { |
| 107 {IPC_NTOPENPROCESS_TAG, ULONG_TYPE, ULONG_TYPE}, | 107 {IPC_NTOPENPROCESS_TAG, ULONG_TYPE, ULONG_TYPE}, |
| 108 reinterpret_cast<CallbackGeneric>( | 108 reinterpret_cast<CallbackGeneric>( |
| 109 &ThreadProcessDispatcher::NtOpenProcess) | 109 &ThreadProcessDispatcher::NtOpenProcess) |
| 110 }; | 110 }; |
| 111 | 111 |
| 112 static const IPCCall process_token = { | 112 static const IPCCall process_token = { |
| 113 {IPC_NTOPENPROCESSTOKEN_TAG, ULONG_TYPE, ULONG_TYPE}, | 113 {IPC_NTOPENPROCESSTOKEN_TAG, VOIDPTR_TYPE, ULONG_TYPE}, |
| 114 reinterpret_cast<CallbackGeneric>( | 114 reinterpret_cast<CallbackGeneric>( |
| 115 &ThreadProcessDispatcher::NtOpenProcessToken) | 115 &ThreadProcessDispatcher::NtOpenProcessToken) |
| 116 }; | 116 }; |
| 117 | 117 |
| 118 static const IPCCall process_tokenex = { | 118 static const IPCCall process_tokenex = { |
| 119 {IPC_NTOPENPROCESSTOKENEX_TAG, ULONG_TYPE, ULONG_TYPE, ULONG_TYPE}, | 119 {IPC_NTOPENPROCESSTOKENEX_TAG, VOIDPTR_TYPE, ULONG_TYPE, ULONG_TYPE}, |
| 120 reinterpret_cast<CallbackGeneric>( | 120 reinterpret_cast<CallbackGeneric>( |
| 121 &ThreadProcessDispatcher::NtOpenProcessTokenEx) | 121 &ThreadProcessDispatcher::NtOpenProcessTokenEx) |
| 122 }; | 122 }; |
| 123 | 123 |
| 124 static const IPCCall create_params = { | 124 static const IPCCall create_params = { |
| 125 {IPC_CREATEPROCESSW_TAG, WCHAR_TYPE, WCHAR_TYPE, WCHAR_TYPE, INOUTPTR_TYPE}, | 125 {IPC_CREATEPROCESSW_TAG, WCHAR_TYPE, WCHAR_TYPE, WCHAR_TYPE, INOUTPTR_TYPE}, |
| 126 reinterpret_cast<CallbackGeneric>( | 126 reinterpret_cast<CallbackGeneric>( |
| 127 &ThreadProcessDispatcher::CreateProcessW) | 127 &ThreadProcessDispatcher::CreateProcessW) |
| 128 }; | 128 }; |
| 129 | 129 |
| (...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 171 DWORD process_id) { | 171 DWORD process_id) { |
| 172 HANDLE handle; | 172 HANDLE handle; |
| 173 NTSTATUS ret = ProcessPolicy::OpenProcessAction(*ipc->client_info, | 173 NTSTATUS ret = ProcessPolicy::OpenProcessAction(*ipc->client_info, |
| 174 desired_access, process_id, | 174 desired_access, process_id, |
| 175 &handle); | 175 &handle); |
| 176 ipc->return_info.nt_status = ret; | 176 ipc->return_info.nt_status = ret; |
| 177 ipc->return_info.handle = handle; | 177 ipc->return_info.handle = handle; |
| 178 return true; | 178 return true; |
| 179 } | 179 } |
| 180 | 180 |
| 181 bool ThreadProcessDispatcher::NtOpenProcessToken(IPCInfo* ipc, DWORD process, | 181 bool ThreadProcessDispatcher::NtOpenProcessToken(IPCInfo* ipc, HANDLE process, |
| 182 DWORD desired_access) { | 182 DWORD desired_access) { |
| 183 HANDLE handle; | 183 HANDLE handle; |
| 184 NTSTATUS ret = ProcessPolicy::OpenProcessTokenAction(*ipc->client_info, | 184 NTSTATUS ret = ProcessPolicy::OpenProcessTokenAction(*ipc->client_info, |
| 185 process, desired_access, | 185 process, desired_access, |
| 186 &handle); | 186 &handle); |
| 187 ipc->return_info.nt_status = ret; | 187 ipc->return_info.nt_status = ret; |
| 188 ipc->return_info.handle = handle; | 188 ipc->return_info.handle = handle; |
| 189 return true; | 189 return true; |
| 190 } | 190 } |
| 191 | 191 |
| 192 bool ThreadProcessDispatcher::NtOpenProcessTokenEx(IPCInfo* ipc, DWORD process, | 192 bool ThreadProcessDispatcher::NtOpenProcessTokenEx(IPCInfo* ipc, HANDLE process, |
| 193 DWORD desired_access, | 193 DWORD desired_access, |
| 194 DWORD attributes) { | 194 DWORD attributes) { |
| 195 HANDLE handle; | 195 HANDLE handle; |
| 196 NTSTATUS ret = ProcessPolicy::OpenProcessTokenExAction(*ipc->client_info, | 196 NTSTATUS ret = ProcessPolicy::OpenProcessTokenExAction(*ipc->client_info, |
| 197 process, | 197 process, |
| 198 desired_access, | 198 desired_access, |
| 199 attributes, &handle); | 199 attributes, &handle); |
| 200 ipc->return_info.nt_status = ret; | 200 ipc->return_info.nt_status = ret; |
| 201 ipc->return_info.handle = handle; | 201 ipc->return_info.handle = handle; |
| 202 return true; | 202 return true; |
| (...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 237 // If our logic was wrong, at least we wont allow create a random process. | 237 // If our logic was wrong, at least we wont allow create a random process. |
| 238 DWORD ret = ProcessPolicy::CreateProcessWAction(eval, *ipc->client_info, | 238 DWORD ret = ProcessPolicy::CreateProcessWAction(eval, *ipc->client_info, |
| 239 exe_name, *cmd_line, | 239 exe_name, *cmd_line, |
| 240 proc_info); | 240 proc_info); |
| 241 | 241 |
| 242 ipc->return_info.win32_result = ret; | 242 ipc->return_info.win32_result = ret; |
| 243 return true; | 243 return true; |
| 244 } | 244 } |
| 245 | 245 |
| 246 } // namespace sandbox | 246 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 873006:
Re-land second sandbox round of changes... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/