author | rvargas@google.com <rvargas@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-09-20 21:10:38 +0000 |
---|---|---|
committer | rvargas@google.com <rvargas@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-09-20 21:10:38 +0000 |
commit | e7b03f0dcb2cdd0fc3e881566aed34088ec8a795 (patch) | |
tree | 83c980579b52aa09867e7aff2825d4ed72f3e0a6 | |
parent | d81240b016aa46e9df07ca34d247564baa502719 (diff) | |
Sandbox: Update for Windows 8.1
Some AppContainer methods moved to another DLL and the address
space for 64-bit apps is larger than before.
BUG=none
TEST=current sbox_unittests, sbox_integration_tests, sbox_validation_tests
R=cpu@chromium.org
Review URL: https://codereview.chromium.org/24296002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@224489 0039d316-1c4b-4281-b951-d872f2087c98
-rw-r--r-- | sandbox/win/src/app_container.cc | 30 | ||||
-rw-r--r-- | sandbox/win/src/internal_types.h | 7 | ||||
-rw-r--r-- | sandbox/win/src/sandbox_nt_util.cc | 27 |
3 files changed, 38 insertions, 26 deletions
diff --git a/sandbox/win/src/app_container.cc b/sandbox/win/src/app_container.cc
index ee978b9..826b561 100644
--- a/sandbox/win/src/app_container.cc
+++ b/sandbox/win/src/app_container.cc
@@ -23,6 +23,17 @@ PSID ConvertSid(const string16& sid) {
 return local_sid;
 }
+template <typename T>
+T BindFunction(const char* name) {
+ HMODULE module = GetModuleHandle(sandbox::kKerneldllName);
+ void* function = GetProcAddress(module, name);
+ if (!function) {
+ module = GetModuleHandle(sandbox::kKernelBasedllName);
+ function = GetProcAddress(module, name);
+ }
+ return reinterpret_cast<T>(function);
+}
+
 } // namespace
 namespace sandbox {
@@ -94,9 +105,8 @@ ResultCode CreateAppContainer(const string16& sid, const string16& name) {
 static AppContainerRegisterSidPtr AppContainerRegisterSid = NULL;
 if (!AppContainerRegisterSid) {
- HMODULE module = GetModuleHandle(kKerneldllName);
- AppContainerRegisterSid = reinterpret_cast<AppContainerRegisterSidPtr>(
- GetProcAddress(module, "AppContainerRegisterSid"));
+ AppContainerRegisterSid =
+ BindFunction<AppContainerRegisterSidPtr>("AppContainerRegisterSid");
 }
 ResultCode operation_result = SBOX_ERROR_GENERIC;
@@ -120,9 +130,8 @@ ResultCode DeleteAppContainer(const string16& sid) {
 static AppContainerUnregisterSidPtr AppContainerUnregisterSid = NULL;
 if (!AppContainerUnregisterSid) {
- HMODULE module = GetModuleHandle(kKerneldllName);
- AppContainerUnregisterSid = reinterpret_cast<AppContainerUnregisterSidPtr>(
- GetProcAddress(module, "AppContainerUnregisterSid"));
+ AppContainerUnregisterSid =
+ BindFunction<AppContainerUnregisterSidPtr>("AppContainerUnregisterSid");
 }
 ResultCode operation_result = SBOX_ERROR_GENERIC;
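Review bot: In `BindFunction`, neither `GetModuleHandle` result is checked before it is passed to `GetProcAddress`, so if kernelbase.dll is not loaded in the process the fallback ends up calling `GetProcAddress(NULL, name)`, and the helper should not depend on what a NULL module resolves against. Guarding the fallback lookup, for example `function = module ? GetProcAddress(module, name) : NULL;`, keeps the helper returning NULL cleanly in that case. The helper also has no comment; something like `// Resolves |name| from kernel32.dll, then kernelbase.dll (some AppContainer exports moved in Windows 8.1); returns NULL if neither exports it.` would record why two modules are probed. Callers have to keep treating NULL as "API unavailable"; that check is visible in the LookupAppContainer hunk but lies outside the CreateAppContainer and DeleteAppContainer hunks.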
@@ -150,11 +159,10 @@ string16 LookupAppContainer(const string16& sid) {
 static AppContainerFreeMemoryPtr AppContainerFreeMemory = NULL;
 if (!AppContainerLookupMoniker || !AppContainerFreeMemory) {
- HMODULE module = GetModuleHandle(kKerneldllName);
- AppContainerLookupMoniker = reinterpret_cast<AppContainerLookupMonikerPtr>(
- GetProcAddress(module, "AppContainerLookupMoniker"));
- AppContainerFreeMemory = reinterpret_cast<AppContainerFreeMemoryPtr>(
- GetProcAddress(module, "AppContainerFreeMemory"));
+ AppContainerLookupMoniker =
+ BindFunction<AppContainerLookupMonikerPtr>("AppContainerLookupMoniker");
+ AppContainerFreeMemory =
+ BindFunction<AppContainerFreeMemoryPtr>("AppContainerFreeMemory");
 }
 if (!AppContainerLookupMoniker || !AppContainerFreeMemory)
diff --git a/sandbox/win/src/internal_types.h b/sandbox/win/src/internal_types.h
index db969aa..d5e2620 100644
--- a/sandbox/win/src/internal_types.h
+++ b/sandbox/win/src/internal_types.h
@@ -2,13 +2,14 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
-#ifndef SANDBOX_SRC_INTERNAL_TYPES_H_
-#define SANDBOX_SRC_INTERNAL_TYPES_H_
+#ifndef SANDBOX_WIN_SRC_INTERNAL_TYPES_H_
+#define SANDBOX_WIN_SRC_INTERNAL_TYPES_H_
 namespace sandbox {
 const wchar_t kNtdllName[] = L"ntdll.dll";
 const wchar_t kKerneldllName[] = L"kernel32.dll";
+const wchar_t kKernelBasedllName[] = L"kernelbase.dll";
 // Defines the supported C++ types encoding to numeric id. Like a poor's man
 // RTTI. Note that true C++ RTTI will not work because the types are not
@@ -72,4 +73,4 @@ class IPCInt {
 } // namespace sandbox
-#endif // SANDBOX_SRC_INTERNAL_TYPES_H_
+#endif // SANDBOX_WIN_SRC_INTERNAL_TYPES_H_
diff --git a/sandbox/win/src/sandbox_nt_util.cc b/sandbox/win/src/sandbox_nt_util.cc
index 123a26e..7131461 100644
--- a/sandbox/win/src/sandbox_nt_util.cc
+++ b/sandbox/win/src/sandbox_nt_util.cc
@@ -13,7 +13,7 @@ namespace sandbox { // This is the list of all imported symbols from ntdll.dll. SANDBOX_INTERCEPT NtExports g_nt = { NULL }; -} // namespace +} // namespace sandbox namespace { @@ -22,26 +22,20 @@ void* AllocateNearTo(void* source, size_t size) { using sandbox::g_nt; // Start with 1 GB above the source. - const unsigned int kOneGB = 0x40000000; + const size_t kOneGB = 0x40000000; void* base = reinterpret_cast<char*>(source) + kOneGB; SIZE_T actual_size = size; ULONG_PTR zero_bits = 0; // Not the correct type if used. ULONG type = MEM_RESERVE; - if (reinterpret_cast<SIZE_T>(source) > 0x7ff80000000) { - // We are at the top of the address space. Let's try the highest available - // address. - base = NULL; - type |= MEM_TOP_DOWN; - } - NTSTATUS ret; int attempts = 0; - for (; attempts < 20; attempts++) { + for (; attempts < 41; attempts++) { ret = g_nt.AllocateVirtualMemory(NtCurrentProcess, &base, zero_bits, &actual_size, type, PAGE_READWRITE); if (NT_SUCCESS(ret)) { - if (base < source) { + if (base < source || + base >= reinterpret_cast<char*>(source) + 4 * kOneGB) { // We won't be able to patch this dll. VERIFY_SUCCESS(g_nt.FreeVirtualMemory(NtCurrentProcess, &base, &size, MEM_RELEASE)); @@ -50,11 +44,20 @@ void* AllocateNearTo(void* source, size_t size) { break; } + if (attempts == 30) { + // Try the first GB. + base = reinterpret_cast<char*>(source); + } else if (attempts == 40) { + // Try the highest available address. + base = NULL; + type |= MEM_TOP_DOWN; + } + // Try 100 MB higher. base = reinterpret_cast<char*>(base) + 100 * 0x100000; }; - if (attempts == 20) + if (attempts == 41) return NULL; ret = g_nt.AllocateVirtualMemory(NtCurrentProcess, &base, zero_bits, |
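Review bot: The new upper bound in `AllocateNearTo`, `base >= reinterpret_cast<char*>(source) + 4 * kOneGB`, is formed with pointer arithmetic that can wrap when `source` lies within 4 GB of the top of the address space, and the comparison then classifies regions wrongly. Comparing the distance as integers avoids this, e.g. `reinterpret_cast<ULONG_PTR>(base) - reinterpret_cast<ULONG_PTR>(source) >= 4 * kOneGB`, which is safe because `base < source` is tested first. If this function is ever compiled for a 32-bit target, `4 * kOneGB` wraps to 0 in `size_t` and every successful allocation would be rejected; whether a 64-bit-only guard surrounds it is not visible here. The check also ignores `size`, and the 4 GB limit has no comment saying where it comes from. The function starts and ends outside this hunk.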
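Review bot: The `attempts == 40` branch never produces a top-down allocation: it runs after the 41st and last `AllocateVirtualMemory` call of the loop, and the unconditional `base = reinterpret_cast<char*>(base) + 100 * 0x100000;` that follows turns the NULL base into 100 MB anyway. As written the function reaches `if (attempts == 41) return NULL;` without trying the highest available address, which the removed pre-loop code did for sources above 0x7ff80000000. To make the fallback effective, end that branch with `continue;` and allow one more pass (`attempts < 42` in the loop header in the previous hunk, `if (attempts == 42)` after the loop). A top-down block would still have to pass the new `source + 4 * kOneGB` range check, so if that can never hold it may be cleaner to drop the branch and say so in a comment.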