authorrvargas@google.com <rvargas@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2010-02-04 22:47:37 +0000
committerrvargas@google.com <rvargas@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2010-02-04 22:47:37 +0000
commit4bc818e1dc285910638203a0d94063a9e92e36b0 (patch)
tree871de4bc758b249b02246e0a449cd3c7960f76e3
parentbd06fc48da4098267e99ae9e03313c3689100147 (diff)
Sandbox: Finish the interception manager support for x64.
Unit tests and integration tests run (as long as they don't depend on IPCs), both regular and under SANDBOX_EXPORTS. The interception agent is there, but no EAT interceptions yet. BUG=27218 TEST=unit tests/ integration tests. Review URL: http://codereview.chromium.org/565026 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@38143 0039d316-1c4b-4281-b951-d872f2087c98
-rw-r--r--base/base.gypi4
-rw-r--r--base/pe_image.cc3
-rw-r--r--sandbox/sandbox.gyp35
-rw-r--r--sandbox/src/Wow64_64.cc22
-rw-r--r--sandbox/src/filesystem_dispatcher.cc16
-rw-r--r--sandbox/src/interception.cc53
-rw-r--r--sandbox/src/interception.h81
-rw-r--r--sandbox/src/interception_agent.cc5
-rw-r--r--sandbox/src/interception_internal.h5
-rw-r--r--sandbox/src/interception_unittest.cc57
-rw-r--r--sandbox/src/interceptors.h28
-rw-r--r--sandbox/src/named_pipe_dispatcher.cc5
-rw-r--r--sandbox/src/nt_internals.h6
-rw-r--r--sandbox/src/policy_broker.cc30
-rw-r--r--sandbox/src/policy_broker.h39
-rw-r--r--sandbox/src/policy_target_test.cc51
-rw-r--r--sandbox/src/process_thread_dispatcher.cc7
-rw-r--r--sandbox/src/registry_dispatcher.cc9
-rw-r--r--sandbox/src/sandbox_nt_util.cc4
-rw-r--r--sandbox/src/sandbox_policy_base.cc8
-rw-r--r--sandbox/src/service_resolver_64.cc4
-rw-r--r--sandbox/src/sync_dispatcher.cc7
-rw-r--r--sandbox/src/target_process.cc16
-rw-r--r--sandbox/src/target_services.cc7
24 files changed, 347 insertions, 155 deletions
diff --git a/base/base.gypi b/base/base.gypi
index f463b73..c7e3a29 100644
--- a/base/base.gypi
+++ b/base/base.gypi
@@ -129,6 +129,8 @@
'observer_list_threadsafe.h',
'path_service.cc',
'path_service.h',
+ 'pe_image.cc',
+ 'pe_image.h',
'pickle.cc',
'pickle.h',
'platform_file.h',
@@ -546,8 +548,6 @@
'nsimage_cache_mac.mm',
'nss_util.cc',
'nss_util.h',
- 'pe_image.cc',
- 'pe_image.h',
'setproctitle_linux.c',
'setproctitle_linux.h',
'sha2.cc',
diff --git a/base/pe_image.cc b/base/pe_image.cc
index 33fa20c..f2fb140 100644
--- a/base/pe_image.cc
+++ b/base/pe_image.cc
@@ -7,7 +7,8 @@
#include "base/pe_image.h"
-#ifdef _WIN64
+#if defined(_WIN64) && !defined(NACL_WIN64)
+// TODO(rvargas): Bug 27218. Make sure this is ok.
#error This code is not tested on x64. Please make sure all the base unit tests\
pass before doing any real work. The current unit tests don't test the\
differences between 32- and 64-bits implementations. Bugs may slip through.\
diff --git a/sandbox/sandbox.gyp b/sandbox/sandbox.gyp
index 1130877..fa2b817 100644
--- a/sandbox/sandbox.gyp
+++ b/sandbox/sandbox.gyp
@@ -24,17 +24,18 @@
'src/dep.h',
'src/eat_resolver.cc',
'src/eat_resolver.h',
- 'src/filesystem_dispatcher.cc',
- 'src/filesystem_dispatcher.h',
'src/filesystem_policy.cc',
'src/filesystem_policy.h',
+ 'src/interception.cc',
+ 'src/interception.h',
+ 'src/interception_agent.cc',
+ 'src/interception_agent.h',
+ 'src/interception_internal.h',
'src/interceptors.h',
'src/internal_types.h',
'src/ipc_tags.h',
'src/job.cc',
'src/job.h',
- 'src/named_pipe_dispatcher.cc',
- 'src/named_pipe_dispatcher.h',
'src/named_pipe_policy.cc',
'src/named_pipe_policy.h',
'src/nt_internals.h',
@@ -50,12 +51,8 @@
'src/policy_params.h',
'src/policy_target.cc',
'src/policy_target.h',
- 'src/process_thread_dispatcher.cc',
- 'src/process_thread_dispatcher.h',
'src/process_thread_policy.cc',
'src/process_thread_policy.h',
- 'src/registry_dispatcher.cc',
- 'src/registry_dispatcher.h',
'src/registry_policy.cc',
'src/registry_policy.h',
'src/resolver.h',
@@ -81,10 +78,10 @@
'src/shared_handles.h',
'src/sid.cc',
'src/sid.h',
- 'src/sync_dispatcher.cc',
- 'src/sync_dispatcher.h',
'src/sync_policy.cc',
'src/sync_policy.h',
+ 'src/target_interceptions.cc',
+ 'src/target_interceptions.h',
'src/target_process.cc',
'src/target_process.h',
'src/target_services.cc',
@@ -194,18 +191,21 @@
'msvs_guid': '881F6A97-D539-4C48-B401-DF04385B2343',
'sources': [
# Files that are used by the 32-bit version of Windows sandbox only.
+ 'src/filesystem_dispatcher.cc',
+ 'src/filesystem_dispatcher.h',
'src/filesystem_interception.cc',
'src/filesystem_interception.h',
- 'src/interception_agent.cc',
- 'src/interception_agent.h',
- 'src/interception_internal.h',
- 'src/interception.cc',
- 'src/interception.h',
+ 'src/named_pipe_dispatcher.cc',
+ 'src/named_pipe_dispatcher.h',
'src/named_pipe_interception.cc',
'src/named_pipe_interception.h',
+ 'src/process_thread_dispatcher.cc',
+ 'src/process_thread_dispatcher.h',
'src/process_thread_interception.cc',
'src/process_thread_interception.h',
'src/registry_interception.cc',
+ 'src/registry_dispatcher.cc',
+ 'src/registry_dispatcher.h',
'src/registry_interception.h',
'src/resolver.cc',
'src/service_resolver.cc',
@@ -222,10 +222,10 @@
'src/sidestep\mini_disassembler.h',
'src/sidestep\preamble_patcher_with_stub.cpp',
'src/sidestep\preamble_patcher.h',
+ 'src/sync_dispatcher.cc',
+ 'src/sync_dispatcher.h',
'src/sync_interception.cc',
'src/sync_interception.h',
- 'src/target_interceptions.cc',
- 'src/target_interceptions.h',
'src/Wow64.cc',
'src/Wow64.h',
],
@@ -270,6 +270,7 @@
'src/interceptors_64.h',
'src/resolver_64.cc',
'src/service_resolver_64.cc',
+ 'src/Wow64_64.cc',
],
'include_dirs': [
'..',
diff --git a/sandbox/src/Wow64_64.cc b/sandbox/src/Wow64_64.cc
new file mode 100644
index 0000000..e188d68
--- /dev/null
+++ b/sandbox/src/Wow64_64.cc
@@ -0,0 +1,22 @@
+// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Wow64 implementation for native 64-bit Windows (in other words, never WOW).
+
+#include "sandbox/src/wow64.h"
+
+namespace sandbox {
+
+Wow64::~Wow64() {
+}
+
+bool Wow64::IsWow64() {
+ return false;
+}
+
+bool Wow64::WaitForNtdll(DWORD timeout_ms) {
+ return true;
+}
+
+} // namespace sandbox
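Review bot: `Wow64::WaitForNtdll` takes `timeout_ms` but never reads it, and nothing in the new file says why the native 64-bit build answers true without waiting. Leaving the parameter unnamed, `bool Wow64::WaitForNtdll(DWORD /* timeout_ms */) {`, together with `// Native 64-bit target: there is no 32-bit ntdll to wait for.` above it, documents the intent and avoids an unused-parameter warning.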
diff --git a/sandbox/src/filesystem_dispatcher.cc b/sandbox/src/filesystem_dispatcher.cc
index d97e301..699947d 100644
--- a/sandbox/src/filesystem_dispatcher.cc
+++ b/sandbox/src/filesystem_dispatcher.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -8,6 +8,7 @@
#include "sandbox/src/filesystem_interception.h"
#include "sandbox/src/filesystem_policy.h"
#include "sandbox/src/interception.h"
+#include "sandbox/src/interceptors.h"
#include "sandbox/src/ipc_tags.h"
#include "sandbox/src/policy_broker.h"
#include "sandbox/src/policy_params.h"
@@ -60,22 +61,21 @@ bool FilesystemDispatcher::SetupService(InterceptionManager* manager,
int service) {
switch (service) {
case IPC_NTCREATEFILE_TAG:
- return INTERCEPT_NT(manager, NtCreateFile, "_TargetNtCreateFile@48");
+ return INTERCEPT_NT(manager, NtCreateFile, CREATE_FILE_ID, 48);
case IPC_NTOPENFILE_TAG:
- return INTERCEPT_NT(manager, NtOpenFile, "_TargetNtOpenFile@28");
+ return INTERCEPT_NT(manager, NtOpenFile, OPEN_FILE_ID, 28);
case IPC_NTQUERYATTRIBUTESFILE_TAG:
- return INTERCEPT_NT(manager, NtQueryAttributesFile,
- "_TargetNtQueryAttributesFile@12");
+ return INTERCEPT_NT(manager, NtQueryAttributesFile, QUERY_ATTRIB_FILE_ID,
+ 12);
case IPC_NTQUERYFULLATTRIBUTESFILE_TAG:
return INTERCEPT_NT(manager, NtQueryFullAttributesFile,
- "_TargetNtQueryFullAttributesFile@12");
+ QUERY_FULL_ATTRIB_FILE_ID, 12);
case IPC_NTSETINFO_RENAME_TAG:
- return INTERCEPT_NT(manager, NtSetInformationFile,
- "_TargetNtSetInformationFile@24");
+ return INTERCEPT_NT(manager, NtSetInformationFile, SET_INFO_FILE_ID, 24);
default:
return false;
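Review bot: Each INTERCEPT_NT call now carries a bare stack-byte literal (48, 28, 12, 12, 24) whose only consumer is the IA32 SANDBOX_EXPORTS name `_TargetXXX@N`, so a wrong count shows up as a failed interception at run time rather than at compile time. A short comment tying the number to the interceptor's argument list, e.g. `// 48: 12 WINAPI arguments (original-function pointer + the 11 NtCreateFile arguments) * 4 bytes.` on the NtCreateFile line, lets a reader check each count without recounting parameters by hand. SetupService's signature and closing brace are outside this hunk.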
diff --git a/sandbox/src/interception.cc b/sandbox/src/interception.cc
index 007c373..28edf2c 100644
--- a/sandbox/src/interception.cc
+++ b/sandbox/src/interception.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -13,6 +13,7 @@
#include "base/pe_image.h"
#include "base/scoped_ptr.h"
#include "sandbox/src/interception_internal.h"
+#include "sandbox/src/interceptors.h"
#include "sandbox/src/sandbox.h"
#include "sandbox/src/sandbox_utils.h"
#include "sandbox/src/service_resolver.h"
@@ -31,6 +32,9 @@ namespace sandbox {
SANDBOX_INTERCEPT SharedMemory* g_interceptions;
+// Table of the unpatched functions that we intercept. Mapped from the parent.
+SANDBOX_INTERCEPT OriginalFunctions g_originals = { NULL };
+
// Magic constant that identifies that this function is not to be patched.
const char kUnloadDLLDummyFunction[] = "@";
@@ -45,9 +49,11 @@ InterceptionManager::~InterceptionManager() {
bool InterceptionManager::AddToPatchedFunctions(
const wchar_t* dll_name, const char* function_name,
- InterceptionType interception_type, const void* replacement_code_address) {
+ InterceptionType interception_type, const void* replacement_code_address,
+ InterceptorId id) {
InterceptionData function;
function.type = interception_type;
+ function.id = id;
function.dll = dll_name;
function.function = function_name;
function.interceptor_address = replacement_code_address;
@@ -58,9 +64,11 @@ bool InterceptionManager::AddToPatchedFunctions(
bool InterceptionManager::AddToPatchedFunctions(
const wchar_t* dll_name, const char* function_name,
- InterceptionType interception_type, const char* replacement_function_name) {
+ InterceptionType interception_type, const char* replacement_function_name,
+ InterceptorId id) {
InterceptionData function;
function.type = interception_type;
+ function.id = id;
function.dll = dll_name;
function.function = function_name;
function.interceptor = replacement_function_name;
@@ -103,9 +111,10 @@ bool InterceptionManager::InitializeInterceptions() {
return false;
g_interceptions = reinterpret_cast<SharedMemory*>(remote_buffer);
- child_->TransferVariable("sandbox::g_interceptions", &g_interceptions,
- sizeof(g_interceptions));
- return true;
+ ResultCode rc = child_->TransferVariable("g_interceptions",
+ &g_interceptions,
+ sizeof(g_interceptions));
+ return (SBOX_ALL_OK == rc);
}
size_t InterceptionManager::GetBufferSize() const {
@@ -261,6 +270,7 @@ bool InterceptionManager::SetupInterceptionInfo(const InterceptionData& data,
function->record_bytes = required;
function->type = data.type;
+ function->id = data.id;
function->interceptor_address = data.interceptor_address;
char* names = function->function;
@@ -337,22 +347,16 @@ bool InterceptionManager::PatchNtdll(bool hot_patch_needed) {
if (hot_patch_needed) {
#if SANDBOX_EXPORTS
// Make sure the functions are not excluded by the linker.
+#if defined(_WIN64)
+ #pragma comment(linker, "/include:TargetNtMapViewOfSection64")
+ #pragma comment(linker, "/include:TargetNtUnmapViewOfSection64")
+#else
#pragma comment(linker, "/include:_TargetNtMapViewOfSection@44")
#pragma comment(linker, "/include:_TargetNtUnmapViewOfSection@12")
-
- AddToPatchedFunctions(kNtdllName, kMapViewOfSectionName,
- INTERCEPTION_SERVICE_CALL,
- "_TargetNtMapViewOfSection@44");
- AddToPatchedFunctions(kNtdllName, kUnmapViewOfSectionName,
- INTERCEPTION_SERVICE_CALL,
- "_TargetNtUnmapViewOfSection@12");
-#else
- AddToPatchedFunctions(kNtdllName, kMapViewOfSectionName,
- INTERCEPTION_SERVICE_CALL, &TargetNtMapViewOfSection);
- AddToPatchedFunctions(kNtdllName, kUnmapViewOfSectionName,
- INTERCEPTION_SERVICE_CALL,
- &TargetNtUnmapViewOfSection);
#endif
+#endif
+ ADD_NT_INTERCEPTION(NtMapViewOfSection, MAP_VIEW_OF_SECTION_ID, 44);
+ ADD_NT_INTERCEPTION(NtUnmapViewOfSection, UNMAP_VIEW_OF_SECTION_ID, 12);
}
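Review bot: The two ADD_NT_INTERCEPTION calls at the bottom of the hunk discard the bool returned by AddToPatchedFunctions, so a failure to queue the NtMapViewOfSection/NtUnmapViewOfSection interceptions is silent and PatchNtdll proceeds as if both were registered. Checking them, `if (!ADD_NT_INTERCEPTION(NtMapViewOfSection, MAP_VIEW_OF_SECTION_ID, 44) || !ADD_NT_INTERCEPTION(NtUnmapViewOfSection, UNMAP_VIEW_OF_SECTION_ID, 12)) return false;`, would surface it the same way the TransferVariable failure is surfaced later in this function. The removed lines had the same gap, so this is carried over rather than introduced; PatchNtdll continues beyond the hunk.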
size_t thunk_bytes = interceptions_.size() * sizeof(ThunkData) +
@@ -370,6 +374,9 @@ bool InterceptionManager::PatchNtdll(bool hot_patch_needed) {
dll_data.num_thunks = 0;
dll_data.used_bytes = offsetof(DllInterceptionData, thunks);
+ // Reset all helpers for a new child.
+ memset(g_originals, 0, sizeof(g_originals));
+
// this should write all the individual thunks to the child's memory
if (!PatchClientFunctions(thunks, thunk_bytes, &dll_data))
return false;
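Review bot: `memset(g_originals, 0, sizeof(g_originals))` clears a namespace-scope global from a per-instance method, and PatchClientFunctions later fills that same global before it is copied into the child. Nothing in the hunk prevents two InterceptionManager instances from running PatchNtdll at the same time, in which case they would share and overwrite one table; whether the broker ever does that is not visible here. Either a comment stating the constraint, `// g_originals is process-wide: PatchNtdll must not run for two children concurrently.`, or making the table a member of InterceptionManager (keeping only the child-side copy global) would settle it.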
@@ -388,7 +395,10 @@ bool InterceptionManager::PatchNtdll(bool hot_patch_needed) {
::VirtualProtectEx(child, thunks, thunk_bytes,
PAGE_EXECUTE_READ, &old_protection);
- return true;
+ ResultCode ret = child_->TransferVariable("g_originals", g_originals,
+ sizeof(g_originals));
+
+ return SBOX_ALL_OK == ret ? true : false;
}
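Review bot: `return SBOX_ALL_OK == ret ? true : false;` wraps an expression that is already a bool in a redundant conditional; `return SBOX_ALL_OK == ret;` says the same thing and matches the `return (SBOX_ALL_OK == rc);` form this commit uses in InitializeInterceptions. By the time TransferVariable runs, the thunks have already been written to the child and made executable by the VirtualProtectEx just above, so a false here leaves a partially patched target; if the caller is expected to abandon the child on false, a one-line comment saying so would help the next reader.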
bool InterceptionManager::PatchClientFunctions(DllInterceptionData* thunks,
@@ -468,6 +478,9 @@ bool InterceptionManager::PatchClientFunctions(DllInterceptionData* thunks,
if (!NT_SUCCESS(ret))
break;
+ DCHECK(!g_originals[it->id]);
+ g_originals[it->id] = &thunks->thunks[dll_data->num_thunks];
+
dll_data->num_thunks++;
dll_data->used_bytes += sizeof(ThunkData);
}
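Review bot: `g_originals[it->id] = &thunks->thunks[dll_data->num_thunks];` stores an address inside `thunks`, the buffer PatchNtdll describes as the child's memory and passes to VirtualProtectEx(child, ...), so the table holds target-process addresses that must not be dereferenced in the broker. A comment above the store, `// Address in the child's thunk area: only meaningful once g_originals is transferred.`, would keep someone from treating the table as broker-side function pointers. The new DCHECK also means two interceptions sharing an InterceptorId assert here; interception_unittest.cc registers every entry with OPEN_KEY_ID, which is fine only as long as those tests never reach this function. PatchClientFunctions starts and ends outside the hunk.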
diff --git a/sandbox/src/interception.h b/sandbox/src/interception.h
index fd947ff..261a6cf 100644
--- a/sandbox/src/interception.h
+++ b/sandbox/src/interception.h
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -22,6 +22,7 @@
namespace sandbox {
class TargetProcess;
+enum InterceptorId;
// Internal structures used for communication between the broker and the target.
struct DllPatchInfo;
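Review bot: `enum InterceptorId;` forward-declares an enum with no fixed underlying type, which is an MSVC extension rather than standard C++; interception_internal.h gains the same declaration in this commit. It compiles because sandbox is Windows-only, but the .cc files touched here already include "sandbox/src/interceptors.h" directly, so including it from these two headers (or giving the enum a fixed underlying type where it is defined, if the compiler allows) removes the reliance on the extension and also pins the width of the `id` field that FunctionInfo ships between processes.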
@@ -40,12 +41,12 @@ struct DllInterceptionData;
// InterceptionManager interception_manager(child);
// if (!interception_manager.AddToPatchedFunctions(
// L"ntdll.dll", "NtCreateFile",
-// sandbox::INTERCEPTION_SERVICE_CALL, &MyNtCreateFile))
+// sandbox::INTERCEPTION_SERVICE_CALL, &MyNtCreateFile, MY_ID_1))
// return false;
//
// if (!interception_manager.AddToPatchedFunctions(
// L"kernel32.dll", "CreateDirectoryW",
-// sandbox::INTERCEPTION_EAT, L"MyCreateDirectoryW@12"))
+// sandbox::INTERCEPTION_EAT, L"MyCreateDirectoryW@12", MY_ID_2))
// return false;
//
// if (!interception_manager.InitializeInterceptions()) {
@@ -77,28 +78,43 @@ class InterceptionManager {
// The new function should match the prototype and calling convention of the
// function to intercept except for one extra argument (the first one) that
// contains a pointer to the original function, to simplify the development
- // of interceptors.
+ // of interceptors (for IA32). In x64, there is no extra argument to the
+ // interceptor, so the provided InterceptorId is used to keep a table of
+ // intercepted functions so that the interceptor can index that table to get
+ // the pointer that would have been the first argument (g_originals[id]).
//
// For example, to intercept NtClose, the following code could be used:
//
// typedef NTSTATUS (WINAPI *NtCloseFunction) (IN HANDLE Handle);
- // NTSTATUS WINAPI MyNtCose (IN NtCloseFunction OriginalClose,
- // IN HANDLE Handle) {
+ // NTSTATUS WINAPI MyNtCose(IN NtCloseFunction OriginalClose,
+ // IN HANDLE Handle) {
// // do something
// // call the original function
// return OriginalClose(Handle);
// }
+ //
+ // And in x64:
+ //
+ // typedef NTSTATUS (WINAPI *NtCloseFunction) (IN HANDLE Handle);
+ // NTSTATUS WINAPI MyNtCose64(IN HANDLE Handle) {
+ // // do something
+ // // call the original function
+ // NtCloseFunction OriginalClose = g_originals[NT_CLOSE_ID];
+ // return OriginalClose(Handle);
+ // }
bool AddToPatchedFunctions(const wchar_t* dll_name,
const char* function_name,
InterceptionType interception_type,
- const void* replacement_code_address);
+ const void* replacement_code_address,
+ InterceptorId id);
// Patches function_name inside dll_name to point to
// replacement_function_name.
bool AddToPatchedFunctions(const wchar_t* dll_name,
const char* function_name,
InterceptionType interception_type,
- const char* replacement_function_name);
+ const char* replacement_function_name,
+ InterceptorId id);
// The interception agent will unload the dll with dll_name.
bool AddToUnloadModules(const wchar_t* dll_name);
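Review bot: The new x64 paragraph explains that `g_originals[id]` replaces the extra first argument, but not that each InterceptorId may be used by at most one interception per target — PatchClientFunctions asserts exactly that with `DCHECK(!g_originals[it->id])`, so the contract belongs here where callers read it. A sentence such as `// Each id must be unique among the interceptions of one target; it indexes g_originals.` after the x64 example would do. The rewritten example line also keeps the `MyNtCose` spelling from the old text, presumably meant to be `MyNtClose`.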
@@ -119,6 +135,7 @@ class InterceptionManager {
// Used to store the interception information until the actual set-up.
struct InterceptionData {
InterceptionType type; // Interception type.
+ InterceptorId id; // Interceptor id.
std::wstring dll; // Name of dll to intercept.
std::string function; // Name of function to intercept.
std::string interceptor; // Name of interceptor function.
@@ -203,6 +220,54 @@ class InterceptionManager {
DISALLOW_COPY_AND_ASSIGN(InterceptionManager);
};
+// This macro simply calls interception_manager.AddToPatchedFunctions with
+// the given service to intercept (INTERCEPTION_SERVICE_CALL), and assumes that
+// the interceptor is called "TargetXXX", where XXX is the name of the service.
+// Note that num_params is the number of bytes to pop out of the stack for
+// the exported interceptor, following the calling convention of a service call
+// (WINAPI = with the "C" underscore).
+#if SANDBOX_EXPORTS
+#if defined(_WIN64)
+#define MAKE_SERVICE_NAME(service, params) Target ## service ## 64
+#else
+#define MAKE_SERVICE_NAME(service, params) "_Target" # service "@" # params
+#endif
+
+#define ADD_NT_INTERCEPTION(service, id, num_params) \
+ AddToPatchedFunctions(kNtdllName, #service, \
+ sandbox::INTERCEPTION_SERVICE_CALL, \
+ MAKE_SERVICE_NAME(service, num_params), id)
+
+#define INTERCEPT_NT(manager, service, id, num_params) \
+ ((&Target##service) ? \
+ manager->ADD_NT_INTERCEPTION(service, id, num_params) : false)
+
+#define INTERCEPT_EAT(manager, dll, function, id, num_params) \
+ ((&Target##function) ? \
+ manager->AddToPatchedFunctions(dll, #function, sandbox::INTERCEPTION_EAT, \
+ MAKE_SERVICE_NAME(function, num_params), \
+ id) : \
+ false)
+#else // SANDBOX_EXPORTS
+#if defined(_WIN64)
+#define MAKE_SERVICE_NAME(service) &Target##service##64
+#else
+#define MAKE_SERVICE_NAME(service) &Target##service
+#endif
+
+#define ADD_NT_INTERCEPTION(service, id, num_params) \
+ AddToPatchedFunctions(kNtdllName, #service, \
+ sandbox::INTERCEPTION_SERVICE_CALL, \
+ MAKE_SERVICE_NAME(service), id)
+
+#define INTERCEPT_NT(manager, service, id, num_params) \
+ manager->ADD_NT_INTERCEPTION(service, id, num_params)
+
+#define INTERCEPT_EAT(manager, dll, function, id, num_params) \
+ manager->AddToPatchedFunctions(dll, #function, sandbox::INTERCEPTION_EAT, \
+ MAKE_SERVICE_NAME(function), id)
+#endif // SANDBOX_EXPORTS
+
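Review bot: In the SANDBOX_EXPORTS/_WIN64 branch `MAKE_SERVICE_NAME(service, params)` expands to the identifier `TargetXXX64`, not a string, so AddToPatchedFunctions receives the interceptor's address and `num_params` is unused — the same outcome as the non-exports x64 branch, differing only in the omitted `&`. That may be the intended interim state, but the block comment above still describes `num_params` as the bytes popped by the exported interceptor, which is only true for IA32. Adding `// On x64 the interceptor is registered by address in both configurations; num_params is ignored.` to that comment, and writing `&Target##service##64` explicitly so the two x64 branches read alike, would stop a reader from expecting name-based resolution on x64.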
} // namespace sandbox
#endif // SANDBOX_SRC_INTERCEPTION_H_
diff --git a/sandbox/src/interception_agent.cc b/sandbox/src/interception_agent.cc
index 08df720..f9f9cf7 100644
--- a/sandbox/src/interception_agent.cc
+++ b/sandbox/src/interception_agent.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -200,11 +200,14 @@ ResolverThunk* InterceptionAgent::GetResolver(InterceptionType type) {
if (!eat_resolver)
eat_resolver = new(NT_ALLOC) EatResolverThunk;
+#if !defined(_WIN64)
+ // Sidestep is not supported for x64.
if (!sidestep_resolver)
sidestep_resolver = new(NT_ALLOC) SidestepResolverThunk;
if (!smart_sidestep_resolver)
smart_sidestep_resolver = new(NT_ALLOC) SmartSidestepResolverThunk;
+#endif
switch (type) {
case INTERCEPTION_EAT:
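Review bot: The `#if !defined(_WIN64)` guard skips allocating `sidestep_resolver` and `smart_sidestep_resolver`, but the `switch (type)` that follows is outside the hunk, so on x64 a request for INTERCEPTION_SIDESTEP or INTERCEPTION_SMART_SIDESTEP presumably returns whatever those (still declared) variables hold — null — with no explicit signal that the type is unsupported. If that is the intent, the comment could say so, `// Sidestep is not supported for x64; GetResolver returns NULL for those types.`; otherwise returning NULL explicitly in those cases under _WIN64 would make the gap visible. GetResolver starts and ends outside this hunk.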
diff --git a/sandbox/src/interception_internal.h b/sandbox/src/interception_internal.h
index e053bdf..2447a67 100644
--- a/sandbox/src/interception_internal.h
+++ b/sandbox/src/interception_internal.h
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -15,6 +15,8 @@ namespace sandbox {
const int kMaxThunkDataBytes = 64;
+enum InterceptorId;
+
// The following structures contain variable size fields at the end, and will be
// used to transfer information between two processes. In order to guarantee
// our ability to follow the chain of structures, the alignment should be fixed,
@@ -27,6 +29,7 @@ const int kMaxThunkDataBytes = 64;
struct FunctionInfo {
size_t record_bytes; // rounded to sizeof(size_t) bytes
InterceptionType type;
+ InterceptorId id;
const void* interceptor_address;
char function[1]; // placeholder for null terminated name
// char interceptor[] // followed by the interceptor function
diff --git a/sandbox/src/interception_unittest.cc b/sandbox/src/interception_unittest.cc
index 1c6838e..883cc91 100644
--- a/sandbox/src/interception_unittest.cc
+++ b/sandbox/src/interception_unittest.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -10,6 +10,7 @@
#include "base/scoped_ptr.h"
#include "sandbox/src/interception.h"
+#include "sandbox/src/interceptors.h"
#include "sandbox/src/interception_internal.h"
#include "sandbox/src/target_process.h"
#include "testing/gtest/include/gtest/gtest.h"
@@ -86,42 +87,49 @@ TEST(InterceptionManagerTest, BufferLayout1) {
// Any pointer will do for a function pointer.
void* function = &interceptions;
+ // We don't care about the interceptor id.
interceptions.AddToPatchedFunctions(L"ntdll.dll", "NtCreateFile",
- INTERCEPTION_SERVICE_CALL, function);
+ INTERCEPTION_SERVICE_CALL, function,
+ OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"kernel32.dll", "CreateFileEx",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"kernel32.dll", "SomeFileEx",
- INTERCEPTION_SMART_SIDESTEP, function);
+ INTERCEPTION_SMART_SIDESTEP, function,
+ OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"user32.dll", "FindWindow",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"kernel32.dll", "CreateMutex",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"user32.dll", "PostMsg",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"user32.dll", "PostMsg",
- INTERCEPTION_EAT, "replacement");
+ INTERCEPTION_EAT, "replacement",
+ OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"comctl.dll", "SaveAsDlg",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"ntdll.dll", "NtClose",
- INTERCEPTION_SERVICE_CALL, function);
+ INTERCEPTION_SERVICE_CALL, function,
+ OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"ntdll.dll", "NtOpenFile",
- INTERCEPTION_SIDESTEP, function);
+ INTERCEPTION_SIDESTEP, function,
+ OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"some.dll", "Superfn",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"comctl.dll", "SaveAsDlg",
- INTERCEPTION_EAT, "a");
+ INTERCEPTION_EAT, "a", OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"comctl.dll", "SaveAsDlg",
- INTERCEPTION_SIDESTEP, "ab");
+ INTERCEPTION_SIDESTEP, "ab", OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"comctl.dll", "SaveAsDlg",
- INTERCEPTION_EAT, "abc");
+ INTERCEPTION_EAT, "abc", OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"a.dll", "p",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"b.dll",
- "TheIncredibleCallToSaveTheWorld", INTERCEPTION_EAT, function);
+ "TheIncredibleCallToSaveTheWorld",
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"a.dll", "BIsLame",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"a.dll", "ARules",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
// Verify that all interceptions were added
ASSERT_EQ(18, interceptions.interceptions_.size());
@@ -165,16 +173,17 @@ TEST(InterceptionManagerTest, BufferLayout2) {
// Any pointer will do for a function pointer.
void* function = &interceptions;
-
interceptions.AddToUnloadModules(L"some01.dll");
+ // We don't care about the interceptor id.
interceptions.AddToPatchedFunctions(L"ntdll.dll", "NtCreateFile",
- INTERCEPTION_SERVICE_CALL, function);
+ INTERCEPTION_SERVICE_CALL, function,
+ OPEN_FILE_ID);
interceptions.AddToPatchedFunctions(L"kernel32.dll", "CreateFileEx",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_FILE_ID);
interceptions.AddToUnloadModules(L"some02.dll");
interceptions.AddToPatchedFunctions(L"kernel32.dll", "SomeFileEx",
- INTERCEPTION_SMART_SIDESTEP, function);
-
+ INTERCEPTION_SMART_SIDESTEP, function,
+ OPEN_FILE_ID);
// Verify that all interceptions were added
ASSERT_EQ(5, interceptions.interceptions_.size());
diff --git a/sandbox/src/interceptors.h b/sandbox/src/interceptors.h
index 7064e07..2b033b6 100644
--- a/sandbox/src/interceptors.h
+++ b/sandbox/src/interceptors.h
@@ -12,15 +12,39 @@
namespace sandbox {
enum InterceptorId {
+ // Internal use:
MAP_VIEW_OF_SECTION_ID = 0,
UNMAP_VIEW_OF_SECTION_ID,
+ // Policy broker:
SET_INFORMATION_THREAD_ID,
OPEN_THREAD_TOKEN_ID,
OPEN_THREAD_TOKEN_EX_ID,
- MAX_ID
+ OPEN_TREAD_ID,
+ OPEN_PROCESS_ID,
+ OPEN_PROCESS_TOKEN_ID,
+ OPEN_PROCESS_TOKEN_EX_ID,
+ // Filesystem dispatcher:
+ CREATE_FILE_ID,
+ OPEN_FILE_ID,
+ QUERY_ATTRIB_FILE_ID,
+ QUERY_FULL_ATTRIB_FILE_ID,
+ SET_INFO_FILE_ID,
+ // Named pipe dispatcher:
+ CREATE_NAMED_PIPE_ID,
+ // Process-thread dispatcher:
+ CREATE_PROCESSW_ID,
+ CREATE_PROCESSA_ID,
+ // Registry dispatcher:
+ CREATE_KEY_ID,
+ OPEN_KEY_ID,
+ OPEN_KEY_EX_ID,
+ // Sync dispatcher:
+ CREATE_EVENT_ID,
+ OPEN_EVENT_ID,
+ INTERCEPTOR_MAX_ID
};
-typedef void* OriginalFunctions[MAX_ID];
+typedef void* OriginalFunctions[INTERCEPTOR_MAX_ID];
} // namespace sandbox
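Review bot: `OPEN_TREAD_ID` reads as a typo for OPEN_THREAD_ID; it is the id policy_broker.cc passes for NtOpenThread, alongside OPEN_THREAD_TOKEN_ID and OPEN_THREAD_TOKEN_EX_ID, which are spelled out. Renaming it is a two-line change now (here and at that one call site) and avoids the misspelling being cemented by further callers.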
diff --git a/sandbox/src/named_pipe_dispatcher.cc b/sandbox/src/named_pipe_dispatcher.cc
index 73e5424..0569784 100644
--- a/sandbox/src/named_pipe_dispatcher.cc
+++ b/sandbox/src/named_pipe_dispatcher.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -8,6 +8,7 @@
#include "sandbox/src/crosscall_client.h"
#include "sandbox/src/interception.h"
+#include "sandbox/src/interceptors.h"
#include "sandbox/src/ipc_tags.h"
#include "sandbox/src/named_pipe_interception.h"
#include "sandbox/src/named_pipe_policy.h"
@@ -33,7 +34,7 @@ bool NamedPipeDispatcher::SetupService(InterceptionManager* manager,
int service) {
if (IPC_CREATENAMEDPIPEW_TAG == service)
return INTERCEPT_EAT(manager, L"kernel32.dll", CreateNamedPipeW,
- L"_TargetCreateNamedPipeW@36");
+ CREATE_NAMED_PIPE_ID, 36);
return false;
}
diff --git a/sandbox/src/nt_internals.h b/sandbox/src/nt_internals.h
index 16a3abc..fa6b59e 100644
--- a/sandbox/src/nt_internals.h
+++ b/sandbox/src/nt_internals.h
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -239,8 +239,8 @@ typedef NTSTATUS (WINAPI *NtQuerySectionFunction)(
IN HANDLE SectionHandle,
IN SECTION_INFORMATION_CLASS SectionInformationClass,
OUT PVOID SectionInformation,
- IN ULONG SectionInformationLength,
- OUT PULONG ReturnLength OPTIONAL);
+ IN SIZE_T SectionInformationLength,
+ OUT PSIZE_T ReturnLength OPTIONAL);
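Review bot: Widening `SectionInformationLength`/`ReturnLength` from ULONG/PULONG to SIZE_T/PSIZE_T is invisible on IA32 (same width) and only matters on x64, and nothing on the line says so; a later reader comparing against older declarations may "fix" it back. A trailing comment such as `// SIZE_T, not ULONG: the two differ in width on x64.` on the first changed line would preserve the reason.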
// -----------------------------------------------------------------------
// Process and Thread
diff --git a/sandbox/src/policy_broker.cc b/sandbox/src/policy_broker.cc
index e3b5023..1b26938 100644
--- a/sandbox/src/policy_broker.cc
+++ b/sandbox/src/policy_broker.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -10,6 +10,7 @@
#include "base/pe_image.h"
#include "base/win_util.h"
#include "sandbox/src/interception.h"
+#include "sandbox/src/interceptors.h"
#include "sandbox/src/policy_target.h"
#include "sandbox/src/process_thread_interception.h"
#include "sandbox/src/sandbox.h"
@@ -87,27 +88,32 @@ bool SetupNtdllImports(TargetProcess *child) {
#undef INIT_GLOBAL_RTL
bool SetupBasicInterceptions(InterceptionManager* manager) {
+#if !defined(_WIN64)
+ // Bug 27218: We don't have IPC yet.
// Interceptions provided by process_thread_policy, without actual policy.
- if (!INTERCEPT_NT(manager, NtOpenThread, "_TargetNtOpenThread@20") ||
- !INTERCEPT_NT(manager, NtOpenProcess, "_TargetNtOpenProcess@20") ||
- !INTERCEPT_NT(manager, NtOpenProcessToken,
- "_TargetNtOpenProcessToken@16"))
+ if (!INTERCEPT_NT(manager, NtOpenThread, OPEN_TREAD_ID, 20) ||
+ !INTERCEPT_NT(manager, NtOpenProcess, OPEN_PROCESS_ID, 20) ||
+ !INTERCEPT_NT(manager, NtOpenProcessToken, OPEN_PROCESS_TOKEN_ID, 16))
return false;
+#endif
// Interceptions with neither policy nor IPC.
- if (!INTERCEPT_NT(manager, NtSetInformationThread,
- "_TargetNtSetInformationThread@20") ||
- !INTERCEPT_NT(manager, NtOpenThreadToken, "_TargetNtOpenThreadToken@20"))
+ if (!INTERCEPT_NT(manager, NtSetInformationThread, SET_INFORMATION_THREAD_ID,
+ 20) ||
+ !INTERCEPT_NT(manager, NtOpenThreadToken, OPEN_THREAD_TOKEN_ID, 20))
return false;
if (win_util::GetWinVersion() >= win_util::WINVERSION_XP) {
+#if !defined(_WIN64)
+ // Bug 27218: We don't have IPC yet.
// This one is also provided by process_thread_policy.
- if (!INTERCEPT_NT(manager, NtOpenProcessTokenEx,
- "_TargetNtOpenProcessTokenEx@20"))
+ if (!INTERCEPT_NT(manager, NtOpenProcessTokenEx, OPEN_PROCESS_TOKEN_EX_ID,
+ 20))
return false;
+#endif
- return INTERCEPT_NT(manager, NtOpenThreadTokenEx,
- "_TargetNtOpenThreadTokenEx@24");
+ return INTERCEPT_NT(manager, NtOpenThreadTokenEx, OPEN_THREAD_TOKEN_EX_ID,
+ 24);
}
return true;
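Review bot: The two `#if !defined(_WIN64)` blocks mean an x64 target gets no NtOpenThread, NtOpenProcess, NtOpenProcessToken or NtOpenProcessTokenEx interception at all, while the `Bug 27218` comments only say IPC is missing; the observable effect on the target (those calls presumably reach ntdll unintercepted and succeed or fail on the restricted token alone) is not stated. Expanding the first comment, e.g. `// Bug 27218: no IPC on x64 yet, so these broker-backed interceptions are skipped and the target sees plain ntdll behaviour.`, would tell a reader what differs between the two builds, and the second block could refer back to it rather than repeat the bug line. SetupBasicInterceptions' closing brace is outside the hunk.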
diff --git a/sandbox/src/policy_broker.h b/sandbox/src/policy_broker.h
index 9697284..fd2602a 100644
--- a/sandbox/src/policy_broker.h
+++ b/sandbox/src/policy_broker.h
@@ -1,13 +1,14 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
-#ifndef SANDBOX_SRC_POLICY_BROKER_H__
-#define SANDBOX_SRC_POLICY_BROKER_H__
+#ifndef SANDBOX_SRC_POLICY_BROKER_H_
+#define SANDBOX_SRC_POLICY_BROKER_H_
+
+#include "sandbox/src/interception.h"
namespace sandbox {
-class InterceptionManager;
class TargetProcess;
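Review bot: `class InterceptionManager;` is replaced by `#include "sandbox/src/interception.h"`, although this header still uses InterceptionManager only through a pointer in SetupBasicInterceptions, so the forward declaration was sufficient. If the include is deliberate — so that existing includers of policy_broker.h keep seeing INTERCEPT_NT/INTERCEPT_EAT after the macros moved to interception.h in this same commit — a comment such as `// interception.h is included (not just forward-declared) so includers still get INTERCEPT_NT/INTERCEPT_EAT.` would stop the next cleanup from reverting it; otherwise the forward declaration should come back, and the dispatchers, which already include interception.h, are unaffected.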
// Sets up interceptions not controlled by explicit policies.
@@ -17,34 +18,6 @@ bool SetupBasicInterceptions(InterceptionManager* manager);
// can work.
bool SetupNtdllImports(TargetProcess *child);
-// This macro simply calls interception_manager.AddToPatchedFunctions with
-// the given service to intercept (INTERCEPTION_SERVICE_CALL), and assumes that
-// the interceptor is called "TargetXXX", where XXX is the name of the service.
-// Note that exported_target is the actual exported name of the interceptor,
-// following the calling convention of a service call (WINAPI = with the "C"
-// underscore and the number of bytes to pop out of the stack)
-#if SANDBOX_EXPORTS
-#define INTERCEPT_NT(manager, service, exported_target) \
- ((&Target##service) ? \
- manager->AddToPatchedFunctions(kNtdllName, #service, \
- sandbox::INTERCEPTION_SERVICE_CALL, \
- exported_target) : false)
-
-#define INTERCEPT_EAT(manager, dll, function, exported_target) \
- ((&Target##function) ? \
- manager->AddToPatchedFunctions(dll, #function, sandbox::INTERCEPTION_EAT, \
- exported_target) : false)
-#else
-#define INTERCEPT_NT(manager, service, exported_target) \
- manager->AddToPatchedFunctions(kNtdllName, #service, \
- sandbox::INTERCEPTION_SERVICE_CALL, \
- &Target##service)
-
-#define INTERCEPT_EAT(manager, dll, function, exported_target) \
- manager->AddToPatchedFunctions(dll, #function, sandbox::INTERCEPTION_EAT, \
- &Target##function)
-#endif
-
} // namespace sandbox
-#endif // SANDBOX_SRC_POLICY_BROKER_H__
+#endif // SANDBOX_SRC_POLICY_BROKER_H_
diff --git a/sandbox/src/policy_target_test.cc b/sandbox/src/policy_target_test.cc
index e4ff837..042d455 100644
--- a/sandbox/src/policy_target_test.cc
+++ b/sandbox/src/policy_target_test.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2009 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -12,6 +12,10 @@
namespace sandbox {
+#define BINDNTDLL(name) \
+ name ## Function name = reinterpret_cast<name ## Function>( \
+ ::GetProcAddress(::GetModuleHandle(L"ntdll.dll"), #name))
+
// Reverts to self and verify that SetInformationToken was faked. Returns
// SBOX_TEST_SUCCEEDED if faked and SBOX_TEST_FAILED if not faked.
SBOX_TESTS_COMMAND int PolicyTargetTest_token(int argc, wchar_t **argv) {
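Review bot: BINDNTDLL declares a local carrying the raw export name (`NtOpenThreadTokenEx`) and does nothing with a NULL result, so every expansion has to be followed by its own NULL test, as PolicyTargetTest_token3 does below. A one-line comment above the macro would make that contract visible at the definition: `// Declares a local |name| bound to ntdll's export of that name; NULL if the export is missing, callers must check.`. Since ntdll is mapped in every process, the NULL case reduces to the export being absent on the running OS, which the XP gate in TEST(PolicyTargetTest, OpenThreadTokenEx) suggests is a real possibility for this function.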
@@ -71,6 +75,36 @@ SBOX_TESTS_COMMAND int PolicyTargetTest_token2(int argc, wchar_t **argv) {
return SBOX_TEST_SUCCEEDED;
}
+// Opens the thread token with and without impersonation, using
+// NtOpenThreadTokenEX.
+SBOX_TESTS_COMMAND int PolicyTargetTest_token3(int argc, wchar_t **argv) {
+ BINDNTDLL(NtOpenThreadTokenEx);
+ if (!NtOpenThreadTokenEx)
+ return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
+
+ HANDLE thread_token;
+ // Get the thread token, using impersonation.
+ NTSTATUS status = NtOpenThreadTokenEx(GetCurrentThread(),
+ TOKEN_IMPERSONATE | TOKEN_DUPLICATE,
+ FALSE, 0, &thread_token);
+ if (status == STATUS_NO_TOKEN)
+ return ERROR_NO_TOKEN;
+ if (!NT_SUCCESS(status))
+ return SBOX_TEST_FAILED;
+
+ ::CloseHandle(thread_token);
+
+ // Get the thread token, without impersonation.
+ status = NtOpenThreadTokenEx(GetCurrentThread(),
+ TOKEN_IMPERSONATE | TOKEN_DUPLICATE, TRUE, 0,
+ &thread_token);
+ if (!NT_SUCCESS(status))
+ return SBOX_TEST_FAILED;
+
+ ::CloseHandle(thread_token);
+ return SBOX_TEST_SUCCEEDED;
+}
+
// Tests that we can open the current thread.
SBOX_TESTS_COMMAND int PolicyTargetTest_thread(int argc, wchar_t **argv) {
DWORD thread_id = ::GetCurrentThreadId();
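Review bot: The header comment on PolicyTargetTest_token3 misspells the function as `NtOpenThreadTokenEX`; it should read `NtOpenThreadTokenEx` to match the symbol bound by BINDNTDLL on the next line. The inline comments describe the third argument only as "using"/"without" impersonation; that parameter is OpenAsSelf, so a more precise wording is `// OpenAsSelf == FALSE: access check against the impersonation token.` for the first call and `// OpenAsSelf == TRUE: access check against the process token.` for the second. Returning the Win32 `ERROR_NO_TOKEN` for an NTSTATUS of STATUS_NO_TOKEN mirrors what the existing OpenThreadToken test expects from token2, so the AFTER_REVERT expectation in the new TEST stays consistent with its sibling.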
@@ -144,6 +178,20 @@ TEST(PolicyTargetTest, OpenThreadToken) {
EXPECT_EQ(ERROR_NO_TOKEN, runner.RunTest(L"PolicyTargetTest_token2"));
}
+TEST(PolicyTargetTest, OpenThreadTokenEx) {
+ TestRunner runner;
+ if (win_util::GetWinVersion() < win_util::WINVERSION_XP)
+ return;
+
+ runner.SetTestState(BEFORE_REVERT);
+ EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"PolicyTargetTest_token3"));
+
+ runner.SetTestState(AFTER_REVERT);
+ EXPECT_EQ(ERROR_NO_TOKEN, runner.RunTest(L"PolicyTargetTest_token3"));
+}
+
+#if !defined(_WIN64)
+// Bug 27218: We don't have IPC yet.
TEST(PolicyTargetTest, OpenThread) {
TestRunner runner;
EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"PolicyTargetTest_thread")) <<
@@ -286,5 +334,6 @@ TEST(PolicyTargetTest, WinstaPolicy) {
temp_policy->DestroyAlternateDesktop();
temp_policy->Release();
}
+#endif // _WIN64
} // namespace sandbox
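Review bot: The trailing comment on the new `#endif  // _WIN64` contradicts the condition it closes, which is the `#if !defined(_WIN64)` opened just before TEST(PolicyTargetTest, OpenThread) in the earlier hunk; it should read `#endif  // !defined(_WIN64)`. Because the two preprocessor lines are more than a hundred lines apart and bracket every remaining test in the file, the comment is the only local cue to what is being compiled out on x64, so it is worth having it state the condition correctly.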
diff --git a/sandbox/src/process_thread_dispatcher.cc b/sandbox/src/process_thread_dispatcher.cc
index 1735a12..bbc1e57 100644
--- a/sandbox/src/process_thread_dispatcher.cc
+++ b/sandbox/src/process_thread_dispatcher.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -9,6 +9,7 @@
#include "base/win_util.h"
#include "sandbox/src/crosscall_client.h"
#include "sandbox/src/interception.h"
+#include "sandbox/src/interceptors.h"
#include "sandbox/src/ipc_tags.h"
#include "sandbox/src/policy_broker.h"
#include "sandbox/src/policy_params.h"
@@ -146,9 +147,9 @@ bool ThreadProcessDispatcher::SetupService(InterceptionManager* manager,
case IPC_CREATEPROCESSW_TAG:
return INTERCEPT_EAT(manager, L"kernel32.dll", CreateProcessW,
- L"_TargetCreateProcessW@44") &&
+ CREATE_PROCESSW_ID, 44) &&
INTERCEPT_EAT(manager, L"kernel32.dll", CreateProcessA,
- L"_TargetCreateProcessA@44");
+ CREATE_PROCESSA_ID, 44);
default:
return false;
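Review bot: The literal `44` passed to INTERCEPT_EAT for CreateProcessW and CreateProcessA is a bare magic number at the call site; judging from the removed `L"_TargetCreateProcessW@44"` form it is presumably the stdcall argument size used to build the exported interceptor name under SANDBOX_EXPORTS, and a value that disagrees with the Target function's actual signature would make the export lookup fail rather than the build. The same pattern appears in the RegistryDispatcher::SetupService hunk (`CREATE_KEY_ID, 32`, `OPEN_KEY_ID, 16`, `OPEN_KEY_EX_ID, 20`) and the SyncDispatcher::SetupService hunk (`CREATE_EVENT_ID, 20`, `OPEN_EVENT_ID, 16`). A short comment at the first site, such as `// 44 == stdcall stack bytes of TargetCreateProcessW/A; must match the interceptor's signature.`, or a named constant defined next to each Target function would keep the two places from drifting apart. ThreadProcessDispatcher::SetupService starts before this hunk.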
diff --git a/sandbox/src/registry_dispatcher.cc b/sandbox/src/registry_dispatcher.cc
index c354256..642b8a9 100644
--- a/sandbox/src/registry_dispatcher.cc
+++ b/sandbox/src/registry_dispatcher.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -8,6 +8,7 @@
#include "base/win_util.h"
#include "sandbox/src/crosscall_client.h"
#include "sandbox/src/interception.h"
+#include "sandbox/src/interceptors.h"
#include "sandbox/src/ipc_tags.h"
#include "sandbox/src/sandbox_nt_util.h"
#include "sandbox/src/policy_broker.h"
@@ -58,12 +59,12 @@ RegistryDispatcher::RegistryDispatcher(PolicyBase* policy_base)
bool RegistryDispatcher::SetupService(InterceptionManager* manager,
int service) {
if (IPC_NTCREATEKEY_TAG == service)
- return INTERCEPT_NT(manager, NtCreateKey, "_TargetNtCreateKey@32");
+ return INTERCEPT_NT(manager, NtCreateKey, CREATE_KEY_ID, 32);
if (IPC_NTOPENKEY_TAG == service) {
- bool result = INTERCEPT_NT(manager, NtOpenKey, "_TargetNtOpenKey@16");
+ bool result = INTERCEPT_NT(manager, NtOpenKey, OPEN_KEY_ID, 16);
if (win_util::GetWinVersion() >= win_util::WINVERSION_WIN7)
- result &= INTERCEPT_NT(manager, NtOpenKeyEx, "_TargetNtOpenKeyEx@20");
+ result &= INTERCEPT_NT(manager, NtOpenKeyEx, OPEN_KEY_EX_ID, 20);
return result;
}
diff --git a/sandbox/src/sandbox_nt_util.cc b/sandbox/src/sandbox_nt_util.cc
index a3ea634..f13ca87 100644
--- a/sandbox/src/sandbox_nt_util.cc
+++ b/sandbox/src/sandbox_nt_util.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -230,7 +230,7 @@ bool IsValidImageSection(HANDLE section, PVOID *base, PLARGE_INTEGER offset,
return false;
SECTION_BASIC_INFORMATION basic_info;
- ULONG bytes_returned;
+ SIZE_T bytes_returned;
ret = g_nt.QuerySection(query_section, SectionBasicInformation, &basic_info,
sizeof(basic_info), &bytes_returned);
diff --git a/sandbox/src/sandbox_policy_base.cc b/sandbox/src/sandbox_policy_base.cc
index c294db9..e063603 100644
--- a/sandbox/src/sandbox_policy_base.cc
+++ b/sandbox/src/sandbox_policy_base.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2009 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -70,6 +70,8 @@ PolicyBase::PolicyBase()
// Initialize the IPC dispatcher array.
memset(&ipc_targets_, NULL, sizeof(ipc_targets_));
Dispatcher* dispatcher = NULL;
+#if !defined(_WIN64)
+ // Bug 27218: We don't have IPC yet.
dispatcher = new FilesystemDispatcher(this);
ipc_targets_[IPC_NTCREATEFILE_TAG] = dispatcher;
ipc_targets_[IPC_NTOPENFILE_TAG] = dispatcher;
@@ -90,6 +92,7 @@ PolicyBase::PolicyBase()
dispatcher = new RegistryDispatcher(this);
ipc_targets_[IPC_NTCREATEKEY_TAG] = dispatcher;
ipc_targets_[IPC_NTOPENKEY_TAG] = dispatcher;
+#endif
}
PolicyBase::~PolicyBase() {
@@ -98,6 +101,8 @@ PolicyBase::~PolicyBase() {
TargetProcess* target = (*it);
delete target;
}
+#if !defined(_WIN64)
+ // Bug 27218: We don't have IPC yet.
delete ipc_targets_[IPC_NTCREATEFILE_TAG];
delete ipc_targets_[IPC_NTOPENTHREAD_TAG];
delete ipc_targets_[IPC_CREATENAMEDPIPEW_TAG];
@@ -106,6 +111,7 @@ PolicyBase::~PolicyBase() {
delete policy_maker_;
delete policy_;
::DeleteCriticalSection(&lock_);
+#endif
}
DWORD PolicyBase::MakeJobObject(HANDLE* job) {
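Review bot: The `#endif` added at the end of PolicyBase::~PolicyBase() closes the `#if !defined(_WIN64)` opened above the `delete ipc_targets_[...]` lines in the previous hunk, so on x64 it also compiles out `delete policy_maker_;`, `delete policy_;` and `::DeleteCriticalSection(&lock_);`. Unless those three members are likewise not set up on x64 — their initialization is outside these hunks — the x64 build leaks them and never deletes the critical section. Moving the `#endif` to just before `delete policy_maker_;` limits the exclusion to the dispatchers that the matching `#if` block in the constructor no longer creates.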
diff --git a/sandbox/src/service_resolver_64.cc b/sandbox/src/service_resolver_64.cc
index 3045840..c6e5b41 100644
--- a/sandbox/src/service_resolver_64.cc
+++ b/sandbox/src/service_resolver_64.cc
@@ -127,8 +127,10 @@ NTSTATUS ServiceResolverThunk::ResolveTarget(const void* module,
PEImage module_image(module);
*address = module_image.GetProcAddress(function_name);
- if (NULL == *address)
+ if (NULL == *address) {
+ NOTREACHED();
return STATUS_UNSUCCESSFUL;
+ }
return STATUS_SUCCESS;
}
diff --git a/sandbox/src/sync_dispatcher.cc b/sandbox/src/sync_dispatcher.cc
index cc9e7b5..025fd96 100644
--- a/sandbox/src/sync_dispatcher.cc
+++ b/sandbox/src/sync_dispatcher.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -6,6 +6,7 @@
#include "sandbox/src/crosscall_client.h"
#include "sandbox/src/interception.h"
+#include "sandbox/src/interceptors.h"
#include "sandbox/src/ipc_tags.h"
#include "sandbox/src/policy_broker.h"
#include "sandbox/src/policy_params.h"
@@ -35,11 +36,11 @@ bool SyncDispatcher::SetupService(InterceptionManager* manager,
int service) {
if (IPC_CREATEEVENT_TAG == service)
return INTERCEPT_EAT(manager, L"kernel32.dll", CreateEventW,
- L"_TargetCreateEventW@20");
+ CREATE_EVENT_ID, 20);
if (IPC_OPENEVENT_TAG == service)
return INTERCEPT_EAT(manager, L"kernel32.dll", OpenEventW,
- L"_TargetOpenEventW@16");
+ OPEN_EVENT_ID, 16);
return false;
}
diff --git a/sandbox/src/target_process.cc b/sandbox/src/target_process.cc
index 1ba1885..fd2d408 100644
--- a/sandbox/src/target_process.cc
+++ b/sandbox/src/target_process.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2009 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -105,7 +105,10 @@ TargetProcess::~TargetProcess() {
return;
}
+#if !defined(_WIN64)
+ // Bug 27218: We don't have IPC yet.
delete ipc_server_;
+#endif
::CloseHandle(lockdown_token_);
::CloseHandle(initial_token_);
@@ -184,16 +187,16 @@ DWORD TargetProcess::Create(const wchar_t* exe_path,
sandbox_thread_ = process_info.hThread;
sandbox_process_id_ = process_info.dwProcessId;
-#ifndef _WIN64 // TODO(gregoryd): This code does not build for Win64.
- // It is safe to disable it since base_address_ is used for
- // interception that is not supported on Win64 yet.
+#if defined(_WIN64)
+ void* entry_point = reinterpret_cast<void*>(context.Rcx);
+#else
#pragma warning(push)
#pragma warning(disable: 4312)
// This cast generates a warning because it is 32 bit specific.
void* entry_point = reinterpret_cast<void*>(context.Eax);
#pragma warning(pop)
- base_address_ = GetBaseAddress(exe_path, entry_point);
#endif // _WIN64
+ base_address_ = GetBaseAddress(exe_path, entry_point);
*target_info = process_info;
return win_result;
}
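Review bot: The new x64 branch in TargetProcess::Create reads the entry point from `context.Rcx` without a comment, while the x86 branch keeps its explanation of why `context.Eax` is used. For a process created suspended, the initial thread's context carries the image entry point in the first argument register, so a line such as `// On x64 the initial thread's entry point is passed in rcx (first argument to the loader's thread-start routine).` above the cast would document the assumption the same way. The GetThreadContext call that fills `context` is outside this hunk; the integer registers are only valid if it requested CONTEXT_INTEGER, which is worth confirming for the x64 path. Moving `base_address_ = GetBaseAddress(exe_path, entry_point);` outside the `#if` is fine since both branches now define `entry_point`.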
@@ -299,11 +302,14 @@ DWORD TargetProcess::Init(Dispatcher* ipc_dispatcher, void* policy,
::GetLastError() : ERROR_INVALID_FUNCTION;
}
+#if !defined(_WIN64)
+ // Bug 27218: We don't have IPC yet.
ipc_server_ = new SharedMemIPCServer(sandbox_process_, sandbox_process_id_,
job_, thread_pool_, ipc_dispatcher);
if (!ipc_server_->Init(shared_memory, shared_IPC_size, kIPCChannelSize))
return ERROR_NOT_ENOUGH_MEMORY;
+#endif
// After this point we cannot use this handle anymore.
sandbox_thread_ = NULL;
diff --git a/sandbox/src/target_services.cc b/sandbox/src/target_services.cc
index e525dde..2bfe67d 100644
--- a/sandbox/src/target_services.cc
+++ b/sandbox/src/target_services.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -85,6 +85,10 @@ bool TargetServicesBase::TestIPCPing(int version) {
return false;
}
+#if defined(_WIN64)
+ // Bug 27218: We don't have IPC yet.
+ return false;
+#else
SharedMemIPCClient ipc(memory);
CrossCallReturn answer = {0};
@@ -133,6 +137,7 @@ bool TargetServicesBase::TestIPCPing(int version) {
}
return true;
+#endif
}
bool ProcessState::IsKernel32Loaded() {