| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/common/sandbox_win.h" | 5 #include "content/common/sandbox_win.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/base_switches.h" | 9 #include "base/base_switches.h" |
| 10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
| (...skipping 338 matching lines...) |
| 349 sandbox::TargetPolicy::FILES_ALLOW_READONLY, | 349 sandbox::TargetPolicy::FILES_ALLOW_READONLY, |
| 350 pdb_path.value().c_str()); | 350 pdb_path.value().c_str()); |
| 351 if (result != sandbox::SBOX_ALL_OK) | 351 if (result != sandbox::SBOX_ALL_OK) |
| 352 return false; | 352 return false; |
| 353 #endif | 353 #endif |
| 354 | 354 |
| 355 AddGenericDllEvictionPolicy(policy); | 355 AddGenericDllEvictionPolicy(policy); |
| 356 return true; | 356 return true; |
| 357 } | 357 } |
| 358 | 358 |
| 359 bool AddPolicyForSandboxedProcess(sandbox::TargetPolicy* policy, | 359 bool AddPolicyForSandboxedProcess(sandbox::TargetPolicy* policy) { |
| 360 std::string& type_str) { | |
| 361 sandbox::ResultCode result; | 360 sandbox::ResultCode result; |
| 362 // Renderers need to share events with plugins. | 361 // Renderers need to share events with plugins. |
| 363 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_HANDLES, | 362 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_HANDLES, |
| 364 sandbox::TargetPolicy::HANDLES_DUP_ANY, | 363 sandbox::TargetPolicy::HANDLES_DUP_ANY, |
| 365 L"Event"); | 364 L"Event"); |
| 366 if (result != sandbox::SBOX_ALL_OK) | 365 if (result != sandbox::SBOX_ALL_OK) |
| 367 return false; | 366 return false; |
| 368 | 367 |
| 369 // Win8+ adds a device DeviceApi that we don't need. | 368 // Win8+ adds a device DeviceApi that we don't need. |
| 370 // Only close this handle on renderer processes. See crbug.com/452613. | 369 if (base::win::GetVersion() > base::win::VERSION_WIN7) |
| 371 if (base::win::GetVersion() > base::win::VERSION_WIN7 && | |
| 372 type_str == switches::kRendererProcess) { | |
| 373 result = policy->AddKernelObjectToClose(L"File", L"\\Device\\DeviceApi"); | 370 result = policy->AddKernelObjectToClose(L"File", L"\\Device\\DeviceApi"); |
| 374 } | |
| 375 if (result != sandbox::SBOX_ALL_OK) | 371 if (result != sandbox::SBOX_ALL_OK) |
| 376 return false; | 372 return false; |
| 377 | 373 |
| 378 // Close the proxy settings on XP. | 374 // Close the proxy settings on XP. |
| 379 if (base::win::GetVersion() <= base::win::VERSION_SERVER_2003) | 375 if (base::win::GetVersion() <= base::win::VERSION_SERVER_2003) |
| 380 result = policy->AddKernelObjectToClose(L"Key", | 376 result = policy->AddKernelObjectToClose(L"Key", |
| 381 L"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\" \ | 377 L"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\" \ |
| 382 L"CurrentVersion\\Internet Settings"); | 378 L"CurrentVersion\\Internet Settings"); |
| 383 if (result != sandbox::SBOX_ALL_OK) | 379 if (result != sandbox::SBOX_ALL_OK) |
| 384 return false; | 380 return false; |
| (...skipping 274 matching lines...) |
| 659 if (policy->SetDelayedProcessMitigations(mitigations) != sandbox::SBOX_ALL_OK) | 655 if (policy->SetDelayedProcessMitigations(mitigations) != sandbox::SBOX_ALL_OK) |
| 660 return base::Process(); | 656 return base::Process(); |
| 661 | 657 |
| 662 SetJobLevel(*cmd_line, sandbox::JOB_LOCKDOWN, 0, policy); | 658 SetJobLevel(*cmd_line, sandbox::JOB_LOCKDOWN, 0, policy); |
| 663 | 659 |
| 664 bool disable_default_policy = false; | 660 bool disable_default_policy = false; |
| 665 base::FilePath exposed_dir; | 661 base::FilePath exposed_dir; |
| 666 if (delegate) | 662 if (delegate) |
| 667 delegate->PreSandbox(&disable_default_policy, &exposed_dir); | 663 delegate->PreSandbox(&disable_default_policy, &exposed_dir); |
| 668 | 664 |
| 669 if (!disable_default_policy && | 665 if (!disable_default_policy && !AddPolicyForSandboxedProcess(policy)) |
| 670 !AddPolicyForSandboxedProcess(policy, type_str)) | |
| 671 return base::Process(); | 666 return base::Process(); |
| 672 | 667 |
| 673 if (type_str == switches::kRendererProcess) { | 668 if (type_str == switches::kRendererProcess) { |
| 674 #if !defined(NACL_WIN64) | 669 #if !defined(NACL_WIN64) |
| 675 if (gfx::win::ShouldUseDirectWrite()) { | 670 if (gfx::win::ShouldUseDirectWrite()) { |
| 676 AddDirectory(base::DIR_WINDOWS_FONTS, | 671 AddDirectory(base::DIR_WINDOWS_FONTS, |
| 677 NULL, | 672 NULL, |
| 678 true, | 673 true, |
| 679 sandbox::TargetPolicy::FILES_ALLOW_READONLY, | 674 sandbox::TargetPolicy::FILES_ALLOW_READONLY, |
| 680 policy); | 675 policy); |
| (...skipping 101 matching lines...) |
| 782 } | 777 } |
| 783 | 778 |
| 784 return false; | 779 return false; |
| 785 } | 780 } |
| 786 | 781 |
| 787 bool BrokerAddTargetPeer(HANDLE peer_process) { | 782 bool BrokerAddTargetPeer(HANDLE peer_process) { |
| 788 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; | 783 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; |
| 789 } | 784 } |
| 790 | 785 |
| 791 } // namespace content | 786 } // namespace content |
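Review bot: The `\\Device\\DeviceApi` close in AddPolicyForSandboxedProcess (new lines 368-372) now applies to every process type that takes the default policy, yet the surviving comment only says "that we don't need" and the crbug.com/452613 pointer that explained the earlier renderer-only scoping has been dropped. Closing the handle everywhere is the tighter sandbox posture, but the removed condition suggests at least one non-renderer process type was affected by it before, so the code should record that the wider scope is intended. I would keep the reference in the comment, e.g. `// Closed for every sandboxed process type; see crbug.com/452613 for the earlier renderer-only scoping.` As a style point, the unbraced `if` at new line 369 leaves the following `result` check re-testing the value from the `Event` rule whenever the version test is false. Bracing the assignment together with its own check, `if (...) { result = ...; if (result != sandbox::SBOX_ALL_OK) return false; }`, would make the error path explicit.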
| OLD | NEW |