Sandbox: Add code for all the interceptors.

Still waiting for IPC to be able to test anything.

BUG=27218
TEST=none


Review URL: http://codereview.chromium.org/669128

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@40700 0039d316-1c4b-4281-b951-d872f2087c98

4 files changed, 308 insertions, 5 deletions

diff --git a/sandbox/src/interceptors_64.cc b/sandbox/src/interceptors_64.cc
index 77c35b8..a63ec33 100644
--- a/sandbox/src/interceptors_64.cc
+++ b/sandbox/src/interceptors_64.cc
@@ -5,9 +5,14 @@
 #include "sandbox/src/interceptors_64.h"
 
 #include "sandbox/src/interceptors.h"
+#include "sandbox/src/filesystem_interception.h"
+#include "sandbox/src/named_pipe_interception.h"
 #include "sandbox/src/policy_target.h"
+#include "sandbox/src/process_thread_interception.h"
+#include "sandbox/src/registry_interception.h"
 #include "sandbox/src/sandbox_nt_types.h"
 #include "sandbox/src/sandbox_types.h"
+#include "sandbox/src/sync_interception.h"
 #include "sandbox/src/target_interceptions.h"
 
 namespace sandbox {
@@ -33,6 +38,8 @@ NTSTATUS WINAPI TargetNtUnmapViewOfSection64(HANDLE process, PVOID base) {
   return TargetNtUnmapViewOfSection(orig_fn, process, base);
 }
 
+// -----------------------------------------------------------------------
+
 NTSTATUS WINAPI TargetNtSetInformationThread64(
     HANDLE thread, THREAD_INFORMATION_CLASS thread_info_class,
     PVOID thread_information, ULONG thread_information_bytes) {
@@ -61,4 +68,194 @@ NTSTATUS WINAPI TargetNtOpenThreadTokenEx64(
                                    open_as_self, handle_attributes, token);
 }
 
+// -----------------------------------------------------------------------
+
+#if 0
+// Bug 27218: We don't have IPC yet.
+
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtCreateFile64(
+    PHANDLE file, ACCESS_MASK desired_access,
+    POBJECT_ATTRIBUTES object_attributes, PIO_STATUS_BLOCK io_status,
+    PLARGE_INTEGER allocation_size, ULONG file_attributes, ULONG sharing,
+    ULONG disposition, ULONG options, PVOID ea_buffer, ULONG ea_length) {
+  NtCreateFileFunction orig_fn = reinterpret_cast<
+      NtCreateFileFunction>(g_originals[CREATE_FILE_ID]);
+  return TargetNtCreateFile(orig_fn, file, desired_access, object_attributes,
+                            io_status, allocation_size, file_attributes,
+                            sharing, disposition, options, ea_buffer,
+                            ea_length);
+}
+
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenFile64(
+    PHANDLE file, ACCESS_MASK desired_access,
+    POBJECT_ATTRIBUTES object_attributes, PIO_STATUS_BLOCK io_status,
+    ULONG sharing, ULONG options) {
+  NtOpenFileFunction orig_fn = reinterpret_cast<
+      NtOpenFileFunction>(g_originals[OPEN_FILE_ID]);
+  return TargetNtOpenFile(orig_fn, file, desired_access, object_attributes,
+                          io_status, sharing, options);
+}
+
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtQueryAttributesFile64(
+    POBJECT_ATTRIBUTES object_attributes,
+    PFILE_BASIC_INFORMATION file_attributes) {
+  NtQueryAttributesFileFunction orig_fn = reinterpret_cast<
+      NtQueryAttributesFileFunction>(g_originals[QUERY_ATTRIB_FILE_ID]);
+  return TargetNtQueryAttributesFile(orig_fn, object_attributes,
+                                     file_attributes);
+}
+
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtQueryFullAttributesFile64(
+    POBJECT_ATTRIBUTES object_attributes,
+    PFILE_NETWORK_OPEN_INFORMATION file_attributes) {
+  NtQueryFullAttributesFileFunction orig_fn = reinterpret_cast<
+      NtQueryFullAttributesFileFunction>(
+          g_originals[QUERY_FULL_ATTRIB_FILE_ID]);
+  return TargetNtQueryFullAttributesFile(orig_fn, object_attributes,
+                                         file_attributes);
+}
+
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtSetInformationFile64(
+    HANDLE file, PIO_STATUS_BLOCK io_status, PVOID file_information,
+    ULONG length, FILE_INFORMATION_CLASS file_information_class) {
+  NtSetInformationFileFunction orig_fn = reinterpret_cast<
+      NtSetInformationFileFunction>(g_originals[SET_INFO_FILE_ID]);
+  return TargetNtSetInformationFile(orig_fn, file, io_status, file_information,
+                                    length, file_information_class);
+}
+
+#endif
+
+// -----------------------------------------------------------------------
+
+SANDBOX_INTERCEPT HANDLE WINAPI TargetCreateNamedPipeW64(
+    LPCWSTR pipe_name, DWORD open_mode, DWORD pipe_mode, DWORD max_instance,
+    DWORD out_buffer_size, DWORD in_buffer_size, DWORD default_timeout,
+    LPSECURITY_ATTRIBUTES security_attributes) {
+  CreateNamedPipeWFunction orig_fn = reinterpret_cast<
+      CreateNamedPipeWFunction>(g_originals[CREATE_NAMED_PIPE_ID]);
+  return TargetCreateNamedPipeW(orig_fn, pipe_name, open_mode, pipe_mode,
+                                max_instance, out_buffer_size, in_buffer_size,
+                                default_timeout, security_attributes);
+}
+
+// -----------------------------------------------------------------------
+
+#if 0
+// Bug 27218: We don't have IPC yet.
+
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenThread64(
+    PHANDLE thread, ACCESS_MASK desired_access,
+    POBJECT_ATTRIBUTES object_attributes, PCLIENT_ID client_id) {
+  NtOpenThreadFunction orig_fn = reinterpret_cast<
+      NtOpenThreadFunction>(g_originals[OPEN_TREAD_ID]);
+  return TargetNtOpenThread(orig_fn, thread, desired_access, object_attributes,
+                            client_id);
+}
+
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcess64(
+    PHANDLE process, ACCESS_MASK desired_access,
+    POBJECT_ATTRIBUTES object_attributes, PCLIENT_ID client_id) {
+  NtOpenProcessFunction orig_fn = reinterpret_cast<
+      NtOpenProcessFunction>(g_originals[OPEN_PROCESS_ID]);
+  return TargetNtOpenProcess(orig_fn, process, desired_access,
+                             object_attributes, client_id);
+}
+
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcessToken64(
+    HANDLE process, ACCESS_MASK desired_access, PHANDLE token) {
+  NtOpenProcessTokenFunction orig_fn = reinterpret_cast<
+      NtOpenProcessTokenFunction>(g_originals[OPEN_PROCESS_TOKEN_ID]);
+  return TargetNtOpenProcessToken(orig_fn, process, desired_access, token);
+}
+
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcessTokenEx64(
+    HANDLE process, ACCESS_MASK desired_access, ULONG handle_attributes,
+    PHANDLE token) {
+  NtOpenProcessTokenExFunction orig_fn = reinterpret_cast<
+      NtOpenProcessTokenExFunction>(g_originals[OPEN_PROCESS_TOKEN_EX_ID]);
+  return TargetNtOpenProcessTokenEx(orig_fn, process, desired_access,
+                                    handle_attributes, token);
+}
+
+SANDBOX_INTERCEPT BOOL WINAPI TargetCreateProcessW64(
+    LPCWSTR application_name, LPWSTR command_line,
+    LPSECURITY_ATTRIBUTES process_attributes,
+    LPSECURITY_ATTRIBUTES thread_attributes, BOOL inherit_handles, DWORD flags,
+    LPVOID environment, LPCWSTR current_directory, LPSTARTUPINFOW startup_info,
+    LPPROCESS_INFORMATION process_information) {
+  CreateProcessWFunction orig_fn = reinterpret_cast<
+      CreateProcessWFunction>(g_originals[CREATE_PROCESSW_ID]);
+  return TargetCreateProcessW(orig_fn, application_name, command_line,
+                              process_attributes, thread_attributes,
+                              inherit_handles, flags, environment,
+                              current_directory, startup_info,
+                              process_information);
+}
+
+SANDBOX_INTERCEPT BOOL WINAPI TargetCreateProcessA64(
+    LPCSTR application_name, LPSTR command_line,
+    LPSECURITY_ATTRIBUTES process_attributes,
+    LPSECURITY_ATTRIBUTES thread_attributes, BOOL inherit_handles, DWORD flags,
+    LPVOID environment, LPCSTR current_directory, LPSTARTUPINFOA startup_info,
+    LPPROCESS_INFORMATION process_information) {
+  CreateProcessAFunction orig_fn = reinterpret_cast<
+      CreateProcessAFunction>(g_originals[CREATE_PROCESSA_ID]);
+  return TargetCreateProcessA(orig_fn, application_name, command_line,
+                              process_attributes, thread_attributes,
+                              inherit_handles, flags, environment,
+                              current_directory, startup_info,
+                              process_information);
+}
+
+// -----------------------------------------------------------------------
+
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtCreateKey64(
+    PHANDLE key, ACCESS_MASK desired_access,
+    POBJECT_ATTRIBUTES object_attributes, ULONG title_index,
+    PUNICODE_STRING class_name, ULONG create_options, PULONG disposition) {
+  NtCreateKeyFunction orig_fn = reinterpret_cast<
+      NtCreateKeyFunction>(g_originals[CREATE_KEY_ID]);
+  return TargetNtCreateKey(orig_fn, key, desired_access, object_attributes,
+                           title_index, class_name, create_options,
+                           disposition);
+}
+
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenKey64(
+    PHANDLE key, ACCESS_MASK desired_access,
+    POBJECT_ATTRIBUTES object_attributes) {
+  NtOpenKeyFunction orig_fn = reinterpret_cast<
+      NtOpenKeyFunction>(g_originals[OPEN_KEY_ID]);
+  return TargetNtOpenKey(orig_fn, key, desired_access, object_attributes);
+}
+
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenKeyEx64(
+    PHANDLE key, ACCESS_MASK desired_access,
+    POBJECT_ATTRIBUTES object_attributes, ULONG open_options) {
+  NtOpenKeyExFunction orig_fn = reinterpret_cast<
+      NtOpenKeyExFunction>(g_originals[OPEN_KEY_EX_ID]);
+  return TargetNtOpenKeyEx(orig_fn, key, desired_access, object_attributes,
+                           open_options);
+}
+
+#endif
+
+// -----------------------------------------------------------------------
+
+SANDBOX_INTERCEPT HANDLE WINAPI TargetCreateEventW64(
+    LPSECURITY_ATTRIBUTES security_attributes, BOOL manual_reset,
+    BOOL initial_state, LPCWSTR name) {
+  CreateEventWFunction orig_fn = reinterpret_cast<
+      CreateEventWFunction>(g_originals[CREATE_EVENT_ID]);
+  return TargetCreateEventW(orig_fn, security_attributes, manual_reset,
+                            initial_state, name);
+}
+
+SANDBOX_INTERCEPT HANDLE WINAPI TargetOpenEventW64(
+    ACCESS_MASK desired_access, BOOL inherit_handle, LPCWSTR name) {
+  OpenEventWFunction orig_fn = reinterpret_cast<
+      OpenEventWFunction>(g_originals[OPEN_EVENT_ID]);
+  return TargetOpenEventW(orig_fn, desired_access, inherit_handle, name);
+}
+
 }  // namespace sandbox
diff --git a/sandbox/src/interceptors_64.h b/sandbox/src/interceptors_64.h
index 8be5af4..10dff4f 100644
--- a/sandbox/src/interceptors_64.h
+++ b/sandbox/src/interceptors_64.h
@@ -30,23 +30,129 @@ SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtUnmapViewOfSection64(HANDLE process,
 // Interceptors without IPC.
 
 // Interception of NtSetInformationThread on the child process.
-// It should never be called directly.
 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtSetInformationThread64(
     HANDLE thread, THREAD_INFORMATION_CLASS thread_info_class,
     PVOID thread_information, ULONG thread_information_bytes);
 
 // Interception of NtOpenThreadToken on the child process.
-// It should never be called directly
 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenThreadToken64(
     HANDLE thread, ACCESS_MASK desired_access, BOOLEAN open_as_self,
     PHANDLE token);
 
 // Interception of NtOpenThreadTokenEx on the child process.
-// It should never be called directly
 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenThreadTokenEx64(
     HANDLE thread, ACCESS_MASK desired_access, BOOLEAN open_as_self,
     ULONG handle_attributes, PHANDLE token);
 
+// -----------------------------------------------------------------------
+// Interceptors handled by the file system dispatcher.
+
+// Interception of NtCreateFile on the child process.
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtCreateFile64(
+    PHANDLE file, ACCESS_MASK desired_access,
+    POBJECT_ATTRIBUTES object_attributes, PIO_STATUS_BLOCK io_status,
+    PLARGE_INTEGER allocation_size, ULONG file_attributes, ULONG sharing,
+    ULONG disposition, ULONG options, PVOID ea_buffer, ULONG ea_length);
+
+// Interception of NtOpenFile on the child process.
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenFile64(
+    PHANDLE file, ACCESS_MASK desired_access,
+    POBJECT_ATTRIBUTES object_attributes, PIO_STATUS_BLOCK io_status,
+    ULONG sharing, ULONG options);
+
+// Interception of NtQueryAtttributesFile on the child process.
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtQueryAttributesFile64(
+    POBJECT_ATTRIBUTES object_attributes,
+    PFILE_BASIC_INFORMATION file_attributes);
+
+// Interception of NtQueryFullAtttributesFile on the child process.
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtQueryFullAttributesFile64(
+    POBJECT_ATTRIBUTES object_attributes,
+    PFILE_NETWORK_OPEN_INFORMATION file_attributes);
+
+// Interception of NtSetInformationFile on the child process.
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtSetInformationFile64(
+    HANDLE file, PIO_STATUS_BLOCK io_status, PVOID file_information,
+    ULONG length, FILE_INFORMATION_CLASS file_information_class);
+
+// -----------------------------------------------------------------------
+// Interceptors handled by the named pipe dispatcher.
+
+// Interception of CreateNamedPipeW in kernel32.dll
+SANDBOX_INTERCEPT HANDLE WINAPI TargetCreateNamedPipeW64(
+    LPCWSTR pipe_name, DWORD open_mode, DWORD pipe_mode, DWORD max_instance,
+    DWORD out_buffer_size, DWORD in_buffer_size, DWORD default_timeout,
+    LPSECURITY_ATTRIBUTES security_attributes);
+
+// -----------------------------------------------------------------------
+// Interceptors handled by the process-thread dispatcher.
+
+// Interception of NtOpenThread on the child process.
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenThread64(
+    PHANDLE thread, ACCESS_MASK desired_access,
+    POBJECT_ATTRIBUTES object_attributes, PCLIENT_ID client_id);
+
+// Interception of NtOpenProcess on the child process.
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcess64(
+    PHANDLE process, ACCESS_MASK desired_access,
+    POBJECT_ATTRIBUTES object_attributes, PCLIENT_ID client_id);
+
+// Interception of NtOpenProcessToken on the child process.
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcessToken64(
+    HANDLE process, ACCESS_MASK desired_access, PHANDLE token);
+
+// Interception of NtOpenProcessTokenEx on the child process.
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcessTokenEx64(
+    HANDLE process, ACCESS_MASK desired_access, ULONG handle_attributes,
+    PHANDLE token);
+
+// Interception of CreateProcessW in kernel32.dll.
+SANDBOX_INTERCEPT BOOL WINAPI TargetCreateProcessW64(
+    LPCWSTR application_name, LPWSTR command_line,
+    LPSECURITY_ATTRIBUTES process_attributes,
+    LPSECURITY_ATTRIBUTES thread_attributes, BOOL inherit_handles, DWORD flags,
+    LPVOID environment, LPCWSTR current_directory, LPSTARTUPINFOW startup_info,
+    LPPROCESS_INFORMATION process_information);
+
+// Interception of CreateProcessA in kernel32.dll.
+SANDBOX_INTERCEPT BOOL WINAPI TargetCreateProcessA64(
+    LPCSTR application_name, LPSTR command_line,
+    LPSECURITY_ATTRIBUTES process_attributes,
+    LPSECURITY_ATTRIBUTES thread_attributes, BOOL inherit_handles, DWORD flags,
+    LPVOID environment, LPCSTR current_directory, LPSTARTUPINFOA startup_info,
+    LPPROCESS_INFORMATION process_information);
+
+// -----------------------------------------------------------------------
+// Interceptors handled by the registry dispatcher.
+
+// Interception of NtCreateKey on the child process.
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtCreateKey64(
+    PHANDLE key, ACCESS_MASK desired_access,
+    POBJECT_ATTRIBUTES object_attributes, ULONG title_index,
+    PUNICODE_STRING class_name, ULONG create_options, PULONG disposition);
+
+// Interception of NtOpenKey on the child process.
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenKey64(
+    PHANDLE key, ACCESS_MASK desired_access,
+    POBJECT_ATTRIBUTES object_attributes);
+
+// Interception of NtOpenKeyEx on the child process.
+SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenKeyEx64(
+    PHANDLE key, ACCESS_MASK desired_access,
+    POBJECT_ATTRIBUTES object_attributes, ULONG open_options);
+
+// -----------------------------------------------------------------------
+// Interceptors handled by the sync dispatcher.
+
+// Interception of CreateEventW on the child process.
+SANDBOX_INTERCEPT HANDLE WINAPI TargetCreateEventW64(
+    LPSECURITY_ATTRIBUTES security_attributes, BOOL manual_reset,
+    BOOL initial_state, LPCWSTR name);
+
+// Interception of OpenEventW on the child process.
+SANDBOX_INTERCEPT HANDLE WINAPI TargetOpenEventW64(
+    ACCESS_MASK desired_access, BOOL inherit_handle, LPCWSTR name);
+
 }  // extern "C"
 
 }  // namespace sandbox
diff --git a/sandbox/src/registry_interception.cc b/sandbox/src/registry_interception.cc
index e7421ce..3cabf47 100644
--- a/sandbox/src/registry_interception.cc
+++ b/sandbox/src/registry_interception.cc
@@ -159,7 +159,7 @@ NTSTATUS WINAPI TargetNtOpenKey(NtOpenKeyFunction orig_OpenKey, PHANDLE key,
 NTSTATUS WINAPI TargetNtOpenKeyEx(NtOpenKeyExFunction orig_OpenKeyEx,
                                   PHANDLE key, ACCESS_MASK desired_access,
                                   POBJECT_ATTRIBUTES object_attributes,
-                                  DWORD open_options) {
+                                  ULONG open_options) {
   // Check if the process can open it first.
   NTSTATUS status = orig_OpenKeyEx(key, desired_access, object_attributes,
                                    open_options);
diff --git a/sandbox/src/registry_interception.h b/sandbox/src/registry_interception.h
index e92cc22..7036c49 100644
--- a/sandbox/src/registry_interception.h
+++ b/sandbox/src/registry_interception.h
@@ -29,7 +29,7 @@ SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenKey(
 // It should never be called directly
 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenKeyEx(
     NtOpenKeyExFunction orig_OpenKeyEx, PHANDLE key, ACCESS_MASK desired_access,
-    POBJECT_ATTRIBUTES object_attributes, DWORD open_options);
+    POBJECT_ATTRIBUTES object_attributes, ULONG open_options);
 
 }  // extern "C"