author | jschuh@chromium.org <jschuh@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-07-24 17:20:34 +0000 |
---|---|---|
committer | jschuh@chromium.org <jschuh@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-07-24 17:20:34 +0000 |
commit | 4a675af846624bccd583b8ae6b518391018ee6a6 (patch) | |
tree | f931ebaf34d7e451a10f9870f476919b8b611d55 /sandbox/src/process_thread_interception.cc | |
parent | 65533ad0606a04de3746da2bc785702ba3da17b5 (diff) | |
Close all open ALPC client ports at lockdown.
Close out the CSRSS and LSASS ALPC client ports that are opened during initialization.
BUG=58069
TEST=sbox_integration_tests --gtest_filter=HandleCloserTests.RunThreadPool
Review URL: http://codereview.chromium.org/7490002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@93827 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sandbox/src/process_thread_interception.cc')
-rw-r--r-- | sandbox/src/process_thread_interception.cc | 30 |
1 files changed, 29 insertions, 1 deletions
diff --git a/sandbox/src/process_thread_interception.cc b/sandbox/src/process_thread_interception.cc
index fdb5644..5a3119f 100644
--- a/sandbox/src/process_thread_interception.cc
+++ b/sandbox/src/process_thread_interception.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
@@ -15,6 +15,8 @@ namespace sandbox {
+SANDBOX_INTERCEPT NtExports g_nt;
+
 // Hooks NtOpenThread and proxy the call to the broker if it's trying to
 // open a thread in the same process.
 NTSTATUS WINAPI TargetNtOpenThread(NtOpenThreadFunction orig_OpenThread,
@@ -396,4 +398,30 @@ BOOL WINAPI TargetCreateProcessA(CreateProcessAFunction orig_CreateProcessA,
 return FALSE;
 }
+// Creates a thread without registering with CSRSS. This is required if we
+// closed the CSRSS ALPC port after lockdown.
+HANDLE WINAPI TargetCreateThread(CreateThreadFunction orig_CreateThread,
+ LPSECURITY_ATTRIBUTES thread_attributes,
+ SIZE_T stack_size,
+ LPTHREAD_START_ROUTINE start_address,
+ PVOID parameter,
+ DWORD creation_flags,
+ LPDWORD thread_id) {
+ HANDLE thread;
+ PSECURITY_DESCRIPTOR sd =
+ thread_attributes ? thread_attributes->lpSecurityDescriptor : NULL;
+ CLIENT_ID client_id;
+
+ NTSTATUS result = g_nt.RtlCreateUserThread(NtCurrentProcess, sd,
+ creation_flags & CREATE_SUSPENDED,
+ 0, stack_size, 0, start_address,
+ parameter, &thread, &client_id);
+ if (!NT_SUCCESS(result))
+ return 0;
+
+ if (thread_id)
+ *thread_id = HandleToUlong(client_id.UniqueThread);
+ return thread;
+}
+
 } // namespace sandbox |
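Review bot: In the third hunk, the failure path of `TargetCreateThread` returns `0` and drops `result`, so a caller that follows the `CreateThread` contract and reads `GetLastError()` sees a stale value; the NTSTATUS should be translated into a last-error value before `return NULL;` (which mapping helper is available in this file is not visible in the diff). The call also forwards only `creation_flags & CREATE_SUSPENDED` and `lpSecurityDescriptor`, so every other creation flag and `bInheritHandle` are silently ignored, and `orig_CreateThread` is never used. A comment above the call such as `// Only CREATE_SUSPENDED and the security descriptor are honored; other flags and bInheritHandle are ignored.` would record that this is deliberate. Whether `g_nt.RtlCreateUserThread` is guaranteed to be resolved before this hook can run is not shown here; if it is not, a guard like `if (!g_nt.RtlCreateUserThread) return NULL;` keeps a sandboxed target from calling through a null pointer.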