Add sandbox support for Windows process mitigations

BUG=147752 Review URL: https://codereview.chromium.org/10690058 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@156550 0039d316-1c4b-4281-b951-d872f2087c98
author: jschuh@chromium.org <jschuh@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2012-09-13 15:08:36 +0000
committer: jschuh@chromium.org <jschuh@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2012-09-13 15:08:36 +0000
commit: a38d2e10b905b3be8316f235403ac2c49cead029 (patch)
tree: 3744c13489eba26db87e8bc5925f0ec724a751cb /content
parent: a155abbffdce8ecfef657cca7c0b58d092b7e4b8 (diff)
download: chromium_src-a38d2e10b905b3be8316f235403ac2c49cead029.zip
chromium_src-a38d2e10b905b3be8316f235403ac2c49cead029.tar.gz
chromium_src-a38d2e10b905b3be8316f235403ac2c49cead029.tar.bz2
4 files changed, 30 insertions, 9 deletions
diff --git a/content/app/startup_helper_win.cc b/content/app/startup_helper_win.cc
index 9ead36d..17fd323 100644
--- a/content/app/startup_helper_win.cc
+++ b/content/app/startup_helper_win.cc
@@ -10,7 +10,7 @@
 #include "base/base_switches.h"
 #include "base/command_line.h"
 #include "base/win/windows_version.h"
-#include "sandbox/win/src/dep.h"
+#include "sandbox/win/src/process_mitigations.h"
 #include "sandbox/win/src/sandbox_factory.h"
 
 namespace {
@@ -37,12 +37,13 @@ namespace content {
 
 void InitializeSandboxInfo(sandbox::SandboxInterfaceInfo* info) {
   info->broker_services = sandbox::SandboxFactory::GetBrokerServices();
-  if (!info->broker_services)
+  if (!info->broker_services) {
     info->target_services = sandbox::SandboxFactory::GetTargetServices();
-
-  if (base::win::GetVersion() < base::win::VERSION_VISTA) {
-    // Enforces strong DEP support. Vista uses the NXCOMPAT flag in the exe.
-    sandbox::SetCurrentProcessDEP(sandbox::DEP_ENABLED);
+  } else {
+    // Ensure the proper mitigations are enforced for the browser process.
+    sandbox::ApplyProcessMitigationsToCurrentProcess(
+        sandbox::MITIGATION_DEP |
+        sandbox::MITIGATION_DEP_NO_ATL_THUNK);
   }
 }
 
diff --git a/content/common/sandbox_policy.cc b/content/common/sandbox_policy.cc
index b7eba46..6399de2 100644
--- a/content/common/sandbox_policy.cc
+++ b/content/common/sandbox_policy.cc
@@ -25,6 +25,7 @@
 #include "content/public/common/content_switches.h"
 #include "content/public/common/process_type.h"
 #include "content/public/common/sandbox_init.h"
+#include "sandbox/win/src/process_mitigations.h"
 #include "sandbox/win/src/sandbox.h"
 #include "sandbox/win/src/sandbox_nt_util.h"
 #include "sandbox/win/src/win_utils.h"
@@ -43,7 +44,6 @@ const wchar_t* const kTroublesomeDlls[] = {
   L"acpiz.dll",                   // Unknown.
   L"avgrsstx.dll",                // AVG 8.
   L"babylonchromepi.dll",         // Babylon translator.
-  L"browsemngr.dll",              // Uninstall blocker used by Babylon.
   L"btkeyind.dll",                // Widcomm Bluetooth.
   L"cmcsyshk.dll",                // CMC Internet Security.
   L"cmsetac.dll",                 // Unknown (suspected malware).
@@ -727,6 +727,28 @@ base::ProcessHandle StartProcessWithAccess(CommandLine* cmd_line,
     return process;
   }
 
+  // TODO(jschuh): Add all Win8 mitigations. crbug.com/147752
+  if (type != content::PROCESS_TYPE_NACL_LOADER) {
+    if (policy->SetProcessMitigations(MITIGATION_DEP |
+                                      MITIGATION_DEP_NO_ATL_THUNK |
+                                      MITIGATION_SEHOP |
+                                      MITIGATION_BOTTOM_UP_ASLR)
+        != sandbox::SBOX_ALL_OK) {
+      return 0;
+    }
+  } else {
+    // TODO(jschuh): Make NaCl work with DEP and SEHOP. crbug.com/147752
+    if (policy->SetDelayedProcessMitigations(MITIGATION_DEP |
+                                             MITIGATION_DEP_NO_ATL_THUNK)
+        != sandbox::SBOX_ALL_OK) {
+      return 0;
+    }
+    if (policy->SetProcessMitigations(MITIGATION_BOTTOM_UP_ASLR)
+        != sandbox::SBOX_ALL_OK) {
+      return 0;
+    }
+  }
+
   if (type == content::PROCESS_TYPE_PLUGIN) {
     AddGenericDllEvictionPolicy(policy);
     AddPluginDllEvictionPolicy(policy);
diff --git a/content/public/test/browser_test_base.cc b/content/public/test/browser_test_base.cc
index 24b0577..1124ada 100644
--- a/content/public/test/browser_test_base.cc
+++ b/content/public/test/browser_test_base.cc
@@ -10,7 +10,6 @@
 #include "base/process_util.h"
 #include "content/public/common/content_switches.h"
 #include "content/public/common/main_function_params.h"
-#include "sandbox/win/src/dep.h"
 
 #if defined(OS_MACOSX)
 #include "base/mac/mac_util.h"
diff --git a/content/public/test/test_launcher.cc b/content/public/test/test_launcher.cc
index aad3ba3..ab2bdaf 100644
--- a/content/public/test/test_launcher.cc
+++ b/content/public/test/test_launcher.cc
@@ -34,7 +34,6 @@
 #if defined(OS_WIN)
 #include "base/base_switches.h"
 #include "content/common/sandbox_policy.h"
-#include "sandbox/win/src/dep.h"
 #include "sandbox/win/src/sandbox_factory.h"
 #include "sandbox/win/src/sandbox_types.h"
 #elif defined(OS_MACOSX)
author	jschuh@chromium.org <jschuh@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2012-09-13 15:08:36 +0000
committer	jschuh@chromium.org <jschuh@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2012-09-13 15:08:36 +0000
commit	a38d2e10b905b3be8316f235403ac2c49cead029 (patch)
tree	3744c13489eba26db87e8bc5925f0ec724a751cb /content
parent	a155abbffdce8ecfef657cca7c0b58d092b7e4b8 (diff)
download	chromium_src-a38d2e10b905b3be8316f235403ac2c49cead029.zip chromium_src-a38d2e10b905b3be8316f235403ac2c49cead029.tar.gz chromium_src-a38d2e10b905b3be8316f235403ac2c49cead029.tar.bz2