authorrvargas@google.com <rvargas@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2013-09-20 21:10:38 +0000
committerrvargas@google.com <rvargas@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2013-09-20 21:10:38 +0000
commite7b03f0dcb2cdd0fc3e881566aed34088ec8a795 (patch)
tree83c980579b52aa09867e7aff2825d4ed72f3e0a6
parentd81240b016aa46e9df07ca34d247564baa502719 (diff)
Sandbox: Update for Windows 8.1
Some AppContainer methods moved to another DLL and the address space for 64-bit apps is larger than before. BUG=none TEST=current sbox_unittests, sbox_integration_tests, sbox_validation_tests R=cpu@chromium.org Review URL: https://codereview.chromium.org/24296002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@224489 0039d316-1c4b-4281-b951-d872f2087c98
-rw-r--r--sandbox/win/src/app_container.cc30
-rw-r--r--sandbox/win/src/internal_types.h7
-rw-r--r--sandbox/win/src/sandbox_nt_util.cc27
3 files changed, 38 insertions, 26 deletions
diff --git a/sandbox/win/src/app_container.cc b/sandbox/win/src/app_container.cc
index ee978b9..826b561 100644
--- a/sandbox/win/src/app_container.cc
+++ b/sandbox/win/src/app_container.cc
@@ -23,6 +23,17 @@ PSID ConvertSid(const string16& sid) {
return local_sid;
}
+template <typename T>
+T BindFunction(const char* name) {
+ HMODULE module = GetModuleHandle(sandbox::kKerneldllName);
+ void* function = GetProcAddress(module, name);
+ if (!function) {
+ module = GetModuleHandle(sandbox::kKernelBasedllName);
+ function = GetProcAddress(module, name);
+ }
+ return reinterpret_cast<T>(function);
+}
+
} // namespace
namespace sandbox {
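Review bot: BindFunction passes the result of each GetModuleHandle call straight to GetProcAddress without checking it, so a failed module lookup would reach GetProcAddress as a NULL handle instead of stopping the resolution. Both DLLs are expected to be loaded in any Win32 process, which makes this unlikely, but guarding the calls, e.g. `if (module) function = GetProcAddress(module, name);` in the fallback, keeps the lookup confined to the two named system modules. The helper also has no comment explaining the two-step probe; something like `// Resolves |name| from kernel32.dll, then kernelbase.dll; returns NULL if neither exports it.` would record why the fallback exists.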
@@ -94,9 +105,8 @@ ResultCode CreateAppContainer(const string16& sid, const string16& name) {
static AppContainerRegisterSidPtr AppContainerRegisterSid = NULL;
if (!AppContainerRegisterSid) {
- HMODULE module = GetModuleHandle(kKerneldllName);
- AppContainerRegisterSid = reinterpret_cast<AppContainerRegisterSidPtr>(
- GetProcAddress(module, "AppContainerRegisterSid"));
+ AppContainerRegisterSid =
+ BindFunction<AppContainerRegisterSidPtr>("AppContainerRegisterSid");
}
ResultCode operation_result = SBOX_ERROR_GENERIC;
@@ -120,9 +130,8 @@ ResultCode DeleteAppContainer(const string16& sid) {
static AppContainerUnregisterSidPtr AppContainerUnregisterSid = NULL;
if (!AppContainerUnregisterSid) {
- HMODULE module = GetModuleHandle(kKerneldllName);
- AppContainerUnregisterSid = reinterpret_cast<AppContainerUnregisterSidPtr>(
- GetProcAddress(module, "AppContainerUnregisterSid"));
+ AppContainerUnregisterSid =
+ BindFunction<AppContainerUnregisterSidPtr>("AppContainerUnregisterSid");
}
ResultCode operation_result = SBOX_ERROR_GENERIC;
@@ -150,11 +159,10 @@ string16 LookupAppContainer(const string16& sid) {
static AppContainerFreeMemoryPtr AppContainerFreeMemory = NULL;
if (!AppContainerLookupMoniker || !AppContainerFreeMemory) {
- HMODULE module = GetModuleHandle(kKerneldllName);
- AppContainerLookupMoniker = reinterpret_cast<AppContainerLookupMonikerPtr>(
- GetProcAddress(module, "AppContainerLookupMoniker"));
- AppContainerFreeMemory = reinterpret_cast<AppContainerFreeMemoryPtr>(
- GetProcAddress(module, "AppContainerFreeMemory"));
+ AppContainerLookupMoniker =
+ BindFunction<AppContainerLookupMonikerPtr>("AppContainerLookupMoniker");
+ AppContainerFreeMemory =
+ BindFunction<AppContainerFreeMemoryPtr>("AppContainerFreeMemory");
}
if (!AppContainerLookupMoniker || !AppContainerFreeMemory)
diff --git a/sandbox/win/src/internal_types.h b/sandbox/win/src/internal_types.h
index db969aa..d5e2620 100644
--- a/sandbox/win/src/internal_types.h
+++ b/sandbox/win/src/internal_types.h
@@ -2,13 +2,14 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
-#ifndef SANDBOX_SRC_INTERNAL_TYPES_H_
-#define SANDBOX_SRC_INTERNAL_TYPES_H_
+#ifndef SANDBOX_WIN_SRC_INTERNAL_TYPES_H_
+#define SANDBOX_WIN_SRC_INTERNAL_TYPES_H_
namespace sandbox {
const wchar_t kNtdllName[] = L"ntdll.dll";
const wchar_t kKerneldllName[] = L"kernel32.dll";
+const wchar_t kKernelBasedllName[] = L"kernelbase.dll";
// Defines the supported C++ types encoding to numeric id. Like a poor's man
// RTTI. Note that true C++ RTTI will not work because the types are not
@@ -72,4 +73,4 @@ class IPCInt {
} // namespace sandbox
-#endif // SANDBOX_SRC_INTERNAL_TYPES_H_
+#endif // SANDBOX_WIN_SRC_INTERNAL_TYPES_H_
diff --git a/sandbox/win/src/sandbox_nt_util.cc b/sandbox/win/src/sandbox_nt_util.cc
index 123a26e..7131461 100644
--- a/sandbox/win/src/sandbox_nt_util.cc
+++ b/sandbox/win/src/sandbox_nt_util.cc
@@ -13,7 +13,7 @@ namespace sandbox {
// This is the list of all imported symbols from ntdll.dll.
SANDBOX_INTERCEPT NtExports g_nt = { NULL };
-} // namespace
+} // namespace sandbox
namespace {
@@ -22,26 +22,20 @@ void* AllocateNearTo(void* source, size_t size) {
using sandbox::g_nt;
// Start with 1 GB above the source.
- const unsigned int kOneGB = 0x40000000;
+ const size_t kOneGB = 0x40000000;
void* base = reinterpret_cast<char*>(source) + kOneGB;
SIZE_T actual_size = size;
ULONG_PTR zero_bits = 0; // Not the correct type if used.
ULONG type = MEM_RESERVE;
- if (reinterpret_cast<SIZE_T>(source) > 0x7ff80000000) {
- // We are at the top of the address space. Let's try the highest available
- // address.
- base = NULL;
- type |= MEM_TOP_DOWN;
- }
-
NTSTATUS ret;
int attempts = 0;
- for (; attempts < 20; attempts++) {
+ for (; attempts < 41; attempts++) {
ret = g_nt.AllocateVirtualMemory(NtCurrentProcess, &base, zero_bits,
&actual_size, type, PAGE_READWRITE);
if (NT_SUCCESS(ret)) {
- if (base < source) {
+ if (base < source ||
+ base >= reinterpret_cast<char*>(source) + 4 * kOneGB) {
// We won't be able to patch this dll.
VERIFY_SUCCESS(g_nt.FreeVirtualMemory(NtCurrentProcess, &base, &size,
MEM_RELEASE));
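Review bot: The retry count `41` in the loop header is a bare literal that has to stay in step with the `attempts == 41` exit test and the `30`/`40` thresholds in the following hunk, so a later edit to one of them can silently skip a fallback phase. Named constants would tie them together, for example `const int kFirstGbAttempt = 30; const int kTopDownAttempt = 40; const int kMaxAttempts = kTopDownAttempt + 1;`. The new upper bound `4 * kOneGB` also deserves a one-line comment stating which addressing limit it enforces, since the reason is not visible here. AllocateNearTo's body continues outside this hunk.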
@@ -50,11 +44,20 @@ void* AllocateNearTo(void* source, size_t size) {
break;
}
+ if (attempts == 30) {
+ // Try the first GB.
+ base = reinterpret_cast<char*>(source);
+ } else if (attempts == 40) {
+ // Try the highest available address.
+ base = NULL;
+ type |= MEM_TOP_DOWN;
+ }
+
// Try 100 MB higher.
base = reinterpret_cast<char*>(base) + 100 * 0x100000;
};
- if (attempts == 20)
+ if (attempts == 41)
return NULL;
ret = g_nt.AllocateVirtualMemory(NtCurrentProcess, &base, zero_bits,
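Review bot: The `attempts == 40` branch sets `base = NULL` so the allocator can pick the highest free address, but the unconditional `base = reinterpret_cast<char*>(base) + 100 * 0x100000;` that follows turns it into a fixed request at 100 MB, so the last attempt does not appear to be the top-down probe the comment describes. An address that low would likely fail the `base < source` check in the previous hunk, and the function would return NULL. Adding `continue;` after `type |= MEM_TOP_DOWN;` skips the increment for that iteration while the for-header still advances `attempts`. The same increment means the `attempts == 30` phase starts at source + 100 MB rather than at source, which may be intended but is worth a comment. The function body continues outside the hunk.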