authorrvargas@google.com <rvargas@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2010-02-04 22:47:37 +0000
committerrvargas@google.com <rvargas@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2010-02-04 22:47:37 +0000
commit4bc818e1dc285910638203a0d94063a9e92e36b0 (patch)
tree871de4bc758b249b02246e0a449cd3c7960f76e3 /sandbox/src
parentbd06fc48da4098267e99ae9e03313c3689100147 (diff)
Sandbox: Finish the interception manager support for x64.
Unit tests and integration tests run (as long as they don't depend on IPCs), both regular and under SANDBOX_EXPORTS. The interception agent is there, but no EAT interceptions yet. BUG=27218 TEST=unit tests/ integration tests. Review URL: http://codereview.chromium.org/565026 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@38143 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'sandbox/src')
-rw-r--r--sandbox/src/Wow64_64.cc22
-rw-r--r--sandbox/src/filesystem_dispatcher.cc16
-rw-r--r--sandbox/src/interception.cc53
-rw-r--r--sandbox/src/interception.h81
-rw-r--r--sandbox/src/interception_agent.cc5
-rw-r--r--sandbox/src/interception_internal.h5
-rw-r--r--sandbox/src/interception_unittest.cc57
-rw-r--r--sandbox/src/interceptors.h28
-rw-r--r--sandbox/src/named_pipe_dispatcher.cc5
-rw-r--r--sandbox/src/nt_internals.h6
-rw-r--r--sandbox/src/policy_broker.cc30
-rw-r--r--sandbox/src/policy_broker.h39
-rw-r--r--sandbox/src/policy_target_test.cc51
-rw-r--r--sandbox/src/process_thread_dispatcher.cc7
-rw-r--r--sandbox/src/registry_dispatcher.cc9
-rw-r--r--sandbox/src/sandbox_nt_util.cc4
-rw-r--r--sandbox/src/sandbox_policy_base.cc8
-rw-r--r--sandbox/src/service_resolver_64.cc4
-rw-r--r--sandbox/src/sync_dispatcher.cc7
-rw-r--r--sandbox/src/target_process.cc16
-rw-r--r--sandbox/src/target_services.cc7
21 files changed, 325 insertions, 135 deletions
diff --git a/sandbox/src/Wow64_64.cc b/sandbox/src/Wow64_64.cc
new file mode 100644
index 0000000..e188d68
--- /dev/null
+++ b/sandbox/src/Wow64_64.cc
@@ -0,0 +1,22 @@
+// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Wow64 implementation for native 64-bit Windows (in other words, never WOW).
+
+#include "sandbox/src/wow64.h"
+
+namespace sandbox {
+
+Wow64::~Wow64() {
+}
+
+bool Wow64::IsWow64() {
+ return false;
+}
+
+bool Wow64::WaitForNtdll(DWORD timeout_ms) {
+ return true;
+}
+
+} // namespace sandbox
diff --git a/sandbox/src/filesystem_dispatcher.cc b/sandbox/src/filesystem_dispatcher.cc
index d97e301..699947d 100644
--- a/sandbox/src/filesystem_dispatcher.cc
+++ b/sandbox/src/filesystem_dispatcher.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -8,6 +8,7 @@
#include "sandbox/src/filesystem_interception.h"
#include "sandbox/src/filesystem_policy.h"
#include "sandbox/src/interception.h"
+#include "sandbox/src/interceptors.h"
#include "sandbox/src/ipc_tags.h"
#include "sandbox/src/policy_broker.h"
#include "sandbox/src/policy_params.h"
@@ -60,22 +61,21 @@ bool FilesystemDispatcher::SetupService(InterceptionManager* manager,
int service) {
switch (service) {
case IPC_NTCREATEFILE_TAG:
- return INTERCEPT_NT(manager, NtCreateFile, "_TargetNtCreateFile@48");
+ return INTERCEPT_NT(manager, NtCreateFile, CREATE_FILE_ID, 48);
case IPC_NTOPENFILE_TAG:
- return INTERCEPT_NT(manager, NtOpenFile, "_TargetNtOpenFile@28");
+ return INTERCEPT_NT(manager, NtOpenFile, OPEN_FILE_ID, 28);
case IPC_NTQUERYATTRIBUTESFILE_TAG:
- return INTERCEPT_NT(manager, NtQueryAttributesFile,
- "_TargetNtQueryAttributesFile@12");
+ return INTERCEPT_NT(manager, NtQueryAttributesFile, QUERY_ATTRIB_FILE_ID,
+ 12);
case IPC_NTQUERYFULLATTRIBUTESFILE_TAG:
return INTERCEPT_NT(manager, NtQueryFullAttributesFile,
- "_TargetNtQueryFullAttributesFile@12");
+ QUERY_FULL_ATTRIB_FILE_ID, 12);
case IPC_NTSETINFO_RENAME_TAG:
- return INTERCEPT_NT(manager, NtSetInformationFile,
- "_TargetNtSetInformationFile@24");
+ return INTERCEPT_NT(manager, NtSetInformationFile, SET_INFO_FILE_ID, 24);
default:
return false;
diff --git a/sandbox/src/interception.cc b/sandbox/src/interception.cc
index 007c373..28edf2c 100644
--- a/sandbox/src/interception.cc
+++ b/sandbox/src/interception.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -13,6 +13,7 @@
#include "base/pe_image.h"
#include "base/scoped_ptr.h"
#include "sandbox/src/interception_internal.h"
+#include "sandbox/src/interceptors.h"
#include "sandbox/src/sandbox.h"
#include "sandbox/src/sandbox_utils.h"
#include "sandbox/src/service_resolver.h"
@@ -31,6 +32,9 @@ namespace sandbox {
SANDBOX_INTERCEPT SharedMemory* g_interceptions;
+// Table of the unpatched functions that we intercept. Mapped from the parent.
+SANDBOX_INTERCEPT OriginalFunctions g_originals = { NULL };
+
// Magic constant that identifies that this function is not to be patched.
const char kUnloadDLLDummyFunction[] = "@";
@@ -45,9 +49,11 @@ InterceptionManager::~InterceptionManager() {
bool InterceptionManager::AddToPatchedFunctions(
const wchar_t* dll_name, const char* function_name,
- InterceptionType interception_type, const void* replacement_code_address) {
+ InterceptionType interception_type, const void* replacement_code_address,
+ InterceptorId id) {
InterceptionData function;
function.type = interception_type;
+ function.id = id;
function.dll = dll_name;
function.function = function_name;
function.interceptor_address = replacement_code_address;
@@ -58,9 +64,11 @@ bool InterceptionManager::AddToPatchedFunctions(
bool InterceptionManager::AddToPatchedFunctions(
const wchar_t* dll_name, const char* function_name,
- InterceptionType interception_type, const char* replacement_function_name) {
+ InterceptionType interception_type, const char* replacement_function_name,
+ InterceptorId id) {
InterceptionData function;
function.type = interception_type;
+ function.id = id;
function.dll = dll_name;
function.function = function_name;
function.interceptor = replacement_function_name;
@@ -103,9 +111,10 @@ bool InterceptionManager::InitializeInterceptions() {
return false;
g_interceptions = reinterpret_cast<SharedMemory*>(remote_buffer);
- child_->TransferVariable("sandbox::g_interceptions", &g_interceptions,
- sizeof(g_interceptions));
- return true;
+ ResultCode rc = child_->TransferVariable("g_interceptions",
+ &g_interceptions,
+ sizeof(g_interceptions));
+ return (SBOX_ALL_OK == rc);
}
size_t InterceptionManager::GetBufferSize() const {
@@ -261,6 +270,7 @@ bool InterceptionManager::SetupInterceptionInfo(const InterceptionData& data,
function->record_bytes = required;
function->type = data.type;
+ function->id = data.id;
function->interceptor_address = data.interceptor_address;
char* names = function->function;
@@ -337,22 +347,16 @@ bool InterceptionManager::PatchNtdll(bool hot_patch_needed) {
if (hot_patch_needed) {
#if SANDBOX_EXPORTS
// Make sure the functions are not excluded by the linker.
+#if defined(_WIN64)
+ #pragma comment(linker, "/include:TargetNtMapViewOfSection64")
+ #pragma comment(linker, "/include:TargetNtUnmapViewOfSection64")
+#else
#pragma comment(linker, "/include:_TargetNtMapViewOfSection@44")
#pragma comment(linker, "/include:_TargetNtUnmapViewOfSection@12")
-
- AddToPatchedFunctions(kNtdllName, kMapViewOfSectionName,
- INTERCEPTION_SERVICE_CALL,
- "_TargetNtMapViewOfSection@44");
- AddToPatchedFunctions(kNtdllName, kUnmapViewOfSectionName,
- INTERCEPTION_SERVICE_CALL,
- "_TargetNtUnmapViewOfSection@12");
-#else
- AddToPatchedFunctions(kNtdllName, kMapViewOfSectionName,
- INTERCEPTION_SERVICE_CALL, &TargetNtMapViewOfSection);
- AddToPatchedFunctions(kNtdllName, kUnmapViewOfSectionName,
- INTERCEPTION_SERVICE_CALL,
- &TargetNtUnmapViewOfSection);
#endif
+#endif
+ ADD_NT_INTERCEPTION(NtMapViewOfSection, MAP_VIEW_OF_SECTION_ID, 44);
+ ADD_NT_INTERCEPTION(NtUnmapViewOfSection, UNMAP_VIEW_OF_SECTION_ID, 12);
}
size_t thunk_bytes = interceptions_.size() * sizeof(ThunkData) +
@@ -370,6 +374,9 @@ bool InterceptionManager::PatchNtdll(bool hot_patch_needed) {
dll_data.num_thunks = 0;
dll_data.used_bytes = offsetof(DllInterceptionData, thunks);
+ // Reset all helpers for a new child.
+ memset(g_originals, 0, sizeof(g_originals));
+
// this should write all the individual thunks to the child's memory
if (!PatchClientFunctions(thunks, thunk_bytes, &dll_data))
return false;
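Review bot: `g_originals` is a single broker-wide table that this `memset` treats as per-child scratch space. It is filled in PatchClientFunctions and copied out with TransferVariable at the end of PatchNtdll, so if two targets can ever be set up concurrently, one child could receive thunk addresses computed for the other. If that cannot happen, a comment stating the assumption would help, e.g. `// g_originals is shared broker state; PatchNtdll must not run for two children at once.`; otherwise a local `OriginalFunctions` passed down to PatchClientFunctions would avoid the shared state. PatchNtdll starts and ends outside this hunk.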
@@ -388,7 +395,10 @@ bool InterceptionManager::PatchNtdll(bool hot_patch_needed) {
::VirtualProtectEx(child, thunks, thunk_bytes,
PAGE_EXECUTE_READ, &old_protection);
- return true;
+ ResultCode ret = child_->TransferVariable("g_originals", g_originals,
+ sizeof(g_originals));
+
+ return SBOX_ALL_OK == ret ? true : false;
}
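Review bot: `return SBOX_ALL_OK == ret ? true : false;` is a redundant ternary and reads differently from the equivalent return this commit adds in InitializeInterceptions. `return (SBOX_ALL_OK == ret);` says the same thing and keeps the two call sites consistent.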
bool InterceptionManager::PatchClientFunctions(DllInterceptionData* thunks,
@@ -468,6 +478,9 @@ bool InterceptionManager::PatchClientFunctions(DllInterceptionData* thunks,
if (!NT_SUCCESS(ret))
break;
+ DCHECK(!g_originals[it->id]);
+ g_originals[it->id] = &thunks->thunks[dll_data->num_thunks];
+
dll_data->num_thunks++;
dll_data->used_bytes += sizeof(ThunkData);
}
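Review bot: `g_originals[it->id]` is indexed with no range check, and the only guard against a duplicate id is a `DCHECK` that disappears in release builds. An id outside `[0, INTERCEPTOR_MAX_ID)` would write past the table in the broker, and a repeated id would silently overwrite the earlier thunk pointer, so one interceptor would later call the wrong original. I would fail the patch instead, e.g. `if (it->id < 0 || it->id >= INTERCEPTOR_MAX_ID || g_originals[it->id]) break;` before the assignment, assuming `break` is this loop's failure path as it is for the `NT_SUCCESS` check above. The loop and the rest of PatchClientFunctions lie outside the hunk.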
diff --git a/sandbox/src/interception.h b/sandbox/src/interception.h
index fd947ff..261a6cf 100644
--- a/sandbox/src/interception.h
+++ b/sandbox/src/interception.h
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -22,6 +22,7 @@
namespace sandbox {
class TargetProcess;
+enum InterceptorId;
// Internal structures used for communication between the broker and the target.
struct DllPatchInfo;
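Review bot: `enum InterceptorId;` forward-declares an unscoped enum with no underlying type, which standard C++ does not allow and which compiles only as an MSVC extension; the same declaration is added in interception_internal.h. It matters more there, because `FunctionInfo` gains an `InterceptorId id` member and that struct is copied between broker and target, so its layout depends on an enum size the header never sees. Including `sandbox/src/interceptors.h` in both headers instead of forward-declaring would make the type complete wherever it is stored by value.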
@@ -40,12 +41,12 @@ struct DllInterceptionData;
// InterceptionManager interception_manager(child);
// if (!interception_manager.AddToPatchedFunctions(
// L"ntdll.dll", "NtCreateFile",
-// sandbox::INTERCEPTION_SERVICE_CALL, &MyNtCreateFile))
+// sandbox::INTERCEPTION_SERVICE_CALL, &MyNtCreateFile, MY_ID_1))
// return false;
//
// if (!interception_manager.AddToPatchedFunctions(
// L"kernel32.dll", "CreateDirectoryW",
-// sandbox::INTERCEPTION_EAT, L"MyCreateDirectoryW@12"))
+// sandbox::INTERCEPTION_EAT, L"MyCreateDirectoryW@12", MY_ID_2))
// return false;
//
// if (!interception_manager.InitializeInterceptions()) {
@@ -77,28 +78,43 @@ class InterceptionManager {
// The new function should match the prototype and calling convention of the
// function to intercept except for one extra argument (the first one) that
// contains a pointer to the original function, to simplify the development
- // of interceptors.
+ // of interceptors (for IA32). In x64, there is no extra argument to the
+ // interceptor, so the provided InterceptorId is used to keep a table of
+ // intercepted functions so that the interceptor can index that table to get
+ // the pointer that would have been the first argument (g_originals[id]).
//
// For example, to intercept NtClose, the following code could be used:
//
// typedef NTSTATUS (WINAPI *NtCloseFunction) (IN HANDLE Handle);
- // NTSTATUS WINAPI MyNtCose (IN NtCloseFunction OriginalClose,
- // IN HANDLE Handle) {
+ // NTSTATUS WINAPI MyNtCose(IN NtCloseFunction OriginalClose,
+ // IN HANDLE Handle) {
// // do something
// // call the original function
// return OriginalClose(Handle);
// }
+ //
+ // And in x64:
+ //
+ // typedef NTSTATUS (WINAPI *NtCloseFunction) (IN HANDLE Handle);
+ // NTSTATUS WINAPI MyNtCose64(IN HANDLE Handle) {
+ // // do something
+ // // call the original function
+ // NtCloseFunction OriginalClose = g_originals[NT_CLOSE_ID];
+ // return OriginalClose(Handle);
+ // }
bool AddToPatchedFunctions(const wchar_t* dll_name,
const char* function_name,
InterceptionType interception_type,
- const void* replacement_code_address);
+ const void* replacement_code_address,
+ InterceptorId id);
// Patches function_name inside dll_name to point to
// replacement_function_name.
bool AddToPatchedFunctions(const wchar_t* dll_name,
const char* function_name,
InterceptionType interception_type,
- const char* replacement_function_name);
+ const char* replacement_function_name,
+ InterceptorId id);
// The interception agent will unload the dll with dll_name.
bool AddToUnloadModules(const wchar_t* dll_name);
@@ -119,6 +135,7 @@ class InterceptionManager {
// Used to store the interception information until the actual set-up.
struct InterceptionData {
InterceptionType type; // Interception type.
+ InterceptorId id; // Interceptor id.
std::wstring dll; // Name of dll to intercept.
std::string function; // Name of function to intercept.
std::string interceptor; // Name of interceptor function.
@@ -203,6 +220,54 @@ class InterceptionManager {
DISALLOW_COPY_AND_ASSIGN(InterceptionManager);
};
+// This macro simply calls interception_manager.AddToPatchedFunctions with
+// the given service to intercept (INTERCEPTION_SERVICE_CALL), and assumes that
+// the interceptor is called "TargetXXX", where XXX is the name of the service.
+// Note that num_params is the number of bytes to pop out of the stack for
+// the exported interceptor, following the calling convention of a service call
+// (WINAPI = with the "C" underscore).
+#if SANDBOX_EXPORTS
+#if defined(_WIN64)
+#define MAKE_SERVICE_NAME(service, params) Target ## service ## 64
+#else
+#define MAKE_SERVICE_NAME(service, params) "_Target" # service "@" # params
+#endif
+
+#define ADD_NT_INTERCEPTION(service, id, num_params) \
+ AddToPatchedFunctions(kNtdllName, #service, \
+ sandbox::INTERCEPTION_SERVICE_CALL, \
+ MAKE_SERVICE_NAME(service, num_params), id)
+
+#define INTERCEPT_NT(manager, service, id, num_params) \
+ ((&Target##service) ? \
+ manager->ADD_NT_INTERCEPTION(service, id, num_params) : false)
+
+#define INTERCEPT_EAT(manager, dll, function, id, num_params) \
+ ((&Target##function) ? \
+ manager->AddToPatchedFunctions(dll, #function, sandbox::INTERCEPTION_EAT, \
+ MAKE_SERVICE_NAME(function, num_params), \
+ id) : \
+ false)
+#else // SANDBOX_EXPORTS
+#if defined(_WIN64)
+#define MAKE_SERVICE_NAME(service) &Target##service##64
+#else
+#define MAKE_SERVICE_NAME(service) &Target##service
+#endif
+
+#define ADD_NT_INTERCEPTION(service, id, num_params) \
+ AddToPatchedFunctions(kNtdllName, #service, \
+ sandbox::INTERCEPTION_SERVICE_CALL, \
+ MAKE_SERVICE_NAME(service), id)
+
+#define INTERCEPT_NT(manager, service, id, num_params) \
+ manager->ADD_NT_INTERCEPTION(service, id, num_params)
+
+#define INTERCEPT_EAT(manager, dll, function, id, num_params) \
+ manager->AddToPatchedFunctions(dll, #function, sandbox::INTERCEPTION_EAT, \
+ MAKE_SERVICE_NAME(function), id)
+#endif // SANDBOX_EXPORTS
+
} // namespace sandbox
#endif // SANDBOX_SRC_INTERCEPTION_H_
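Review bot: Under `SANDBOX_EXPORTS` the x64 form `#define MAKE_SERVICE_NAME(service, params) Target ## service ## 64` expands to a bare identifier, while the IA32 form builds a string literal. The IA32 call therefore selects the `const char* replacement_function_name` overload of AddToPatchedFunctions and the x64 call presumably lands on the `const void*` one, which looks unintended given that PatchNtdll forces the `TargetNt...64` symbols to be exported by name. If a name is meant, `"Target" # service "64"` would match the linker pragmas. Separately, `INTERCEPT_NT` and `INTERCEPT_EAT` in this branch still test `&Target##service` without the `64` suffix, and `num_params` is documented as a byte count, so `param_bytes` would be a less misleading name.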
diff --git a/sandbox/src/interception_agent.cc b/sandbox/src/interception_agent.cc
index 08df720..f9f9cf7 100644
--- a/sandbox/src/interception_agent.cc
+++ b/sandbox/src/interception_agent.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -200,11 +200,14 @@ ResolverThunk* InterceptionAgent::GetResolver(InterceptionType type) {
if (!eat_resolver)
eat_resolver = new(NT_ALLOC) EatResolverThunk;
+#if !defined(_WIN64)
+ // Sidestep is not supported for x64.
if (!sidestep_resolver)
sidestep_resolver = new(NT_ALLOC) SidestepResolverThunk;
if (!smart_sidestep_resolver)
smart_sidestep_resolver = new(NT_ALLOC) SmartSidestepResolverThunk;
+#endif
switch (type) {
case INTERCEPTION_EAT:
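Review bot: With both sidestep resolvers compiled out on x64, the `switch (type)` that follows has nothing to hand back for `INTERCEPTION_SIDESTEP` or `INTERCEPTION_SMART_SIDESTEP`. The switch body is outside the hunk, so I cannot see whether those cases are also guarded; if they are not, they would return the never-assigned static, presumably NULL, and the caller has to treat that as an unsupported type rather than dereference it. A comment at the guard such as `// On x64 only service-call and EAT resolvers exist; other types are rejected.` plus an explicit failure for those cases would make the contract clear.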
diff --git a/sandbox/src/interception_internal.h b/sandbox/src/interception_internal.h
index e053bdf..2447a67 100644
--- a/sandbox/src/interception_internal.h
+++ b/sandbox/src/interception_internal.h
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -15,6 +15,8 @@ namespace sandbox {
const int kMaxThunkDataBytes = 64;
+enum InterceptorId;
+
// The following structures contain variable size fields at the end, and will be
// used to transfer information between two processes. In order to guarantee
// our ability to follow the chain of structures, the alignment should be fixed,
@@ -27,6 +29,7 @@ const int kMaxThunkDataBytes = 64;
struct FunctionInfo {
size_t record_bytes; // rounded to sizeof(size_t) bytes
InterceptionType type;
+ InterceptorId id;
const void* interceptor_address;
char function[1]; // placeholder for null terminated name
// char interceptor[] // followed by the interceptor function
diff --git a/sandbox/src/interception_unittest.cc b/sandbox/src/interception_unittest.cc
index 1c6838e..883cc91 100644
--- a/sandbox/src/interception_unittest.cc
+++ b/sandbox/src/interception_unittest.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -10,6 +10,7 @@
#include "base/scoped_ptr.h"
#include "sandbox/src/interception.h"
+#include "sandbox/src/interceptors.h"
#include "sandbox/src/interception_internal.h"
#include "sandbox/src/target_process.h"
#include "testing/gtest/include/gtest/gtest.h"
@@ -86,42 +87,49 @@ TEST(InterceptionManagerTest, BufferLayout1) {
// Any pointer will do for a function pointer.
void* function = &interceptions;
+ // We don't care about the interceptor id.
interceptions.AddToPatchedFunctions(L"ntdll.dll", "NtCreateFile",
- INTERCEPTION_SERVICE_CALL, function);
+ INTERCEPTION_SERVICE_CALL, function,
+ OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"kernel32.dll", "CreateFileEx",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"kernel32.dll", "SomeFileEx",
- INTERCEPTION_SMART_SIDESTEP, function);
+ INTERCEPTION_SMART_SIDESTEP, function,
+ OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"user32.dll", "FindWindow",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"kernel32.dll", "CreateMutex",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"user32.dll", "PostMsg",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"user32.dll", "PostMsg",
- INTERCEPTION_EAT, "replacement");
+ INTERCEPTION_EAT, "replacement",
+ OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"comctl.dll", "SaveAsDlg",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"ntdll.dll", "NtClose",
- INTERCEPTION_SERVICE_CALL, function);
+ INTERCEPTION_SERVICE_CALL, function,
+ OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"ntdll.dll", "NtOpenFile",
- INTERCEPTION_SIDESTEP, function);
+ INTERCEPTION_SIDESTEP, function,
+ OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"some.dll", "Superfn",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"comctl.dll", "SaveAsDlg",
- INTERCEPTION_EAT, "a");
+ INTERCEPTION_EAT, "a", OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"comctl.dll", "SaveAsDlg",
- INTERCEPTION_SIDESTEP, "ab");
+ INTERCEPTION_SIDESTEP, "ab", OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"comctl.dll", "SaveAsDlg",
- INTERCEPTION_EAT, "abc");
+ INTERCEPTION_EAT, "abc", OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"a.dll", "p",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"b.dll",
- "TheIncredibleCallToSaveTheWorld", INTERCEPTION_EAT, function);
+ "TheIncredibleCallToSaveTheWorld",
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"a.dll", "BIsLame",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
interceptions.AddToPatchedFunctions(L"a.dll", "ARules",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_KEY_ID);
// Verify that all interceptions were added
ASSERT_EQ(18, interceptions.interceptions_.size());
@@ -165,16 +173,17 @@ TEST(InterceptionManagerTest, BufferLayout2) {
// Any pointer will do for a function pointer.
void* function = &interceptions;
-
interceptions.AddToUnloadModules(L"some01.dll");
+ // We don't care about the interceptor id.
interceptions.AddToPatchedFunctions(L"ntdll.dll", "NtCreateFile",
- INTERCEPTION_SERVICE_CALL, function);
+ INTERCEPTION_SERVICE_CALL, function,
+ OPEN_FILE_ID);
interceptions.AddToPatchedFunctions(L"kernel32.dll", "CreateFileEx",
- INTERCEPTION_EAT, function);
+ INTERCEPTION_EAT, function, OPEN_FILE_ID);
interceptions.AddToUnloadModules(L"some02.dll");
interceptions.AddToPatchedFunctions(L"kernel32.dll", "SomeFileEx",
- INTERCEPTION_SMART_SIDESTEP, function);
-
+ INTERCEPTION_SMART_SIDESTEP, function,
+ OPEN_FILE_ID);
// Verify that all interceptions were added
ASSERT_EQ(5, interceptions.interceptions_.size());
diff --git a/sandbox/src/interceptors.h b/sandbox/src/interceptors.h
index 7064e07..2b033b6 100644
--- a/sandbox/src/interceptors.h
+++ b/sandbox/src/interceptors.h
@@ -12,15 +12,39 @@
namespace sandbox {
enum InterceptorId {
+ // Internal use:
MAP_VIEW_OF_SECTION_ID = 0,
UNMAP_VIEW_OF_SECTION_ID,
+ // Policy broker:
SET_INFORMATION_THREAD_ID,
OPEN_THREAD_TOKEN_ID,
OPEN_THREAD_TOKEN_EX_ID,
- MAX_ID
+ OPEN_TREAD_ID,
+ OPEN_PROCESS_ID,
+ OPEN_PROCESS_TOKEN_ID,
+ OPEN_PROCESS_TOKEN_EX_ID,
+ // Filesystem dispatcher:
+ CREATE_FILE_ID,
+ OPEN_FILE_ID,
+ QUERY_ATTRIB_FILE_ID,
+ QUERY_FULL_ATTRIB_FILE_ID,
+ SET_INFO_FILE_ID,
+ // Named pipe dispatcher:
+ CREATE_NAMED_PIPE_ID,
+ // Process-thread dispatcher:
+ CREATE_PROCESSW_ID,
+ CREATE_PROCESSA_ID,
+ // Registry dispatcher:
+ CREATE_KEY_ID,
+ OPEN_KEY_ID,
+ OPEN_KEY_EX_ID,
+ // Sync dispatcher:
+ CREATE_EVENT_ID,
+ OPEN_EVENT_ID,
+ INTERCEPTOR_MAX_ID
};
-typedef void* OriginalFunctions[MAX_ID];
+typedef void* OriginalFunctions[INTERCEPTOR_MAX_ID];
} // namespace sandbox
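Review bot: `OPEN_TREAD_ID` is misspelled (`OPEN_THREAD_ID`), and the typo is already used by the `NtOpenThread` registration in policy_broker.cc in this commit, so it is cheapest to fix now. The enumerator order is also the index into `g_originals` on both sides of the sandbox, which deserves a comment on the enum, e.g. `// Values index OriginalFunctions; broker and target must be built from the same list.`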
diff --git a/sandbox/src/named_pipe_dispatcher.cc b/sandbox/src/named_pipe_dispatcher.cc
index 73e5424..0569784 100644
--- a/sandbox/src/named_pipe_dispatcher.cc
+++ b/sandbox/src/named_pipe_dispatcher.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -8,6 +8,7 @@
#include "sandbox/src/crosscall_client.h"
#include "sandbox/src/interception.h"
+#include "sandbox/src/interceptors.h"
#include "sandbox/src/ipc_tags.h"
#include "sandbox/src/named_pipe_interception.h"
#include "sandbox/src/named_pipe_policy.h"
@@ -33,7 +34,7 @@ bool NamedPipeDispatcher::SetupService(InterceptionManager* manager,
int service) {
if (IPC_CREATENAMEDPIPEW_TAG == service)
return INTERCEPT_EAT(manager, L"kernel32.dll", CreateNamedPipeW,
- L"_TargetCreateNamedPipeW@36");
+ CREATE_NAMED_PIPE_ID, 36);
return false;
}
diff --git a/sandbox/src/nt_internals.h b/sandbox/src/nt_internals.h
index 16a3abc..fa6b59e 100644
--- a/sandbox/src/nt_internals.h
+++ b/sandbox/src/nt_internals.h
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -239,8 +239,8 @@ typedef NTSTATUS (WINAPI *NtQuerySectionFunction)(
IN HANDLE SectionHandle,
IN SECTION_INFORMATION_CLASS SectionInformationClass,
OUT PVOID SectionInformation,
- IN ULONG SectionInformationLength,
- OUT PULONG ReturnLength OPTIONAL);
+ IN SIZE_T SectionInformationLength,
+ OUT PSIZE_T ReturnLength OPTIONAL);
// -----------------------------------------------------------------------
// Process and Thread
diff --git a/sandbox/src/policy_broker.cc b/sandbox/src/policy_broker.cc
index e3b5023..1b26938 100644
--- a/sandbox/src/policy_broker.cc
+++ b/sandbox/src/policy_broker.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -10,6 +10,7 @@
#include "base/pe_image.h"
#include "base/win_util.h"
#include "sandbox/src/interception.h"
+#include "sandbox/src/interceptors.h"
#include "sandbox/src/policy_target.h"
#include "sandbox/src/process_thread_interception.h"
#include "sandbox/src/sandbox.h"
@@ -87,27 +88,32 @@ bool SetupNtdllImports(TargetProcess *child) {
#undef INIT_GLOBAL_RTL
bool SetupBasicInterceptions(InterceptionManager* manager) {
+#if !defined(_WIN64)
+ // Bug 27218: We don't have IPC yet.
// Interceptions provided by process_thread_policy, without actual policy.
- if (!INTERCEPT_NT(manager, NtOpenThread, "_TargetNtOpenThread@20") ||
- !INTERCEPT_NT(manager, NtOpenProcess, "_TargetNtOpenProcess@20") ||
- !INTERCEPT_NT(manager, NtOpenProcessToken,
- "_TargetNtOpenProcessToken@16"))
+ if (!INTERCEPT_NT(manager, NtOpenThread, OPEN_TREAD_ID, 20) ||
+ !INTERCEPT_NT(manager, NtOpenProcess, OPEN_PROCESS_ID, 20) ||
+ !INTERCEPT_NT(manager, NtOpenProcessToken, OPEN_PROCESS_TOKEN_ID, 16))
return false;
+#endif
// Interceptions with neither policy nor IPC.
- if (!INTERCEPT_NT(manager, NtSetInformationThread,
- "_TargetNtSetInformationThread@20") ||
- !INTERCEPT_NT(manager, NtOpenThreadToken, "_TargetNtOpenThreadToken@20"))
+ if (!INTERCEPT_NT(manager, NtSetInformationThread, SET_INFORMATION_THREAD_ID,
+ 20) ||
+ !INTERCEPT_NT(manager, NtOpenThreadToken, OPEN_THREAD_TOKEN_ID, 20))
return false;
if (win_util::GetWinVersion() >= win_util::WINVERSION_XP) {
+#if !defined(_WIN64)
+ // Bug 27218: We don't have IPC yet.
// This one is also provided by process_thread_policy.
- if (!INTERCEPT_NT(manager, NtOpenProcessTokenEx,
- "_TargetNtOpenProcessTokenEx@20"))
+ if (!INTERCEPT_NT(manager, NtOpenProcessTokenEx, OPEN_PROCESS_TOKEN_EX_ID,
+ 20))
return false;
+#endif
- return INTERCEPT_NT(manager, NtOpenThreadTokenEx,
- "_TargetNtOpenThreadTokenEx@24");
+ return INTERCEPT_NT(manager, NtOpenThreadTokenEx, OPEN_THREAD_TOKEN_EX_ID,
+ 24);
}
return true;
diff --git a/sandbox/src/policy_broker.h b/sandbox/src/policy_broker.h
index 9697284..fd2602a 100644
--- a/sandbox/src/policy_broker.h
+++ b/sandbox/src/policy_broker.h
@@ -1,13 +1,14 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
-#ifndef SANDBOX_SRC_POLICY_BROKER_H__
-#define SANDBOX_SRC_POLICY_BROKER_H__
+#ifndef SANDBOX_SRC_POLICY_BROKER_H_
+#define SANDBOX_SRC_POLICY_BROKER_H_
+
+#include "sandbox/src/interception.h"
namespace sandbox {
-class InterceptionManager;
class TargetProcess;
// Sets up interceptions not controlled by explicit policies.
@@ -17,34 +18,6 @@ bool SetupBasicInterceptions(InterceptionManager* manager);
// can work.
bool SetupNtdllImports(TargetProcess *child);
-// This macro simply calls interception_manager.AddToPatchedFunctions with
-// the given service to intercept (INTERCEPTION_SERVICE_CALL), and assumes that
-// the interceptor is called "TargetXXX", where XXX is the name of the service.
-// Note that exported_target is the actual exported name of the interceptor,
-// following the calling convention of a service call (WINAPI = with the "C"
-// underscore and the number of bytes to pop out of the stack)
-#if SANDBOX_EXPORTS
-#define INTERCEPT_NT(manager, service, exported_target) \
- ((&Target##service) ? \
- manager->AddToPatchedFunctions(kNtdllName, #service, \
- sandbox::INTERCEPTION_SERVICE_CALL, \
- exported_target) : false)
-
-#define INTERCEPT_EAT(manager, dll, function, exported_target) \
- ((&Target##function) ? \
- manager->AddToPatchedFunctions(dll, #function, sandbox::INTERCEPTION_EAT, \
- exported_target) : false)
-#else
-#define INTERCEPT_NT(manager, service, exported_target) \
- manager->AddToPatchedFunctions(kNtdllName, #service, \
- sandbox::INTERCEPTION_SERVICE_CALL, \
- &Target##service)
-
-#define INTERCEPT_EAT(manager, dll, function, exported_target) \
- manager->AddToPatchedFunctions(dll, #function, sandbox::INTERCEPTION_EAT, \
- &Target##function)
-#endif
-
} // namespace sandbox
-#endif // SANDBOX_SRC_POLICY_BROKER_H__
+#endif // SANDBOX_SRC_POLICY_BROKER_H_
diff --git a/sandbox/src/policy_target_test.cc b/sandbox/src/policy_target_test.cc
index e4ff837..042d455 100644
--- a/sandbox/src/policy_target_test.cc
+++ b/sandbox/src/policy_target_test.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2009 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -12,6 +12,10 @@
namespace sandbox {
+#define BINDNTDLL(name) \
+ name ## Function name = reinterpret_cast<name ## Function>( \
+ ::GetProcAddress(::GetModuleHandle(L"ntdll.dll"), #name))
+
// Reverts to self and verify that SetInformationToken was faked. Returns
// SBOX_TEST_SUCCEEDED if faked and SBOX_TEST_FAILED if not faked.
SBOX_TESTS_COMMAND int PolicyTargetTest_token(int argc, wchar_t **argv) {
@@ -71,6 +75,36 @@ SBOX_TESTS_COMMAND int PolicyTargetTest_token2(int argc, wchar_t **argv) {
return SBOX_TEST_SUCCEEDED;
}
+// Opens the thread token with and without impersonation, using
+// NtOpenThreadTokenEX.
+SBOX_TESTS_COMMAND int PolicyTargetTest_token3(int argc, wchar_t **argv) {
+ BINDNTDLL(NtOpenThreadTokenEx);
+ if (!NtOpenThreadTokenEx)
+ return SBOX_TEST_FAILED_TO_EXECUTE_COMMAND;
+
+ HANDLE thread_token;
+ // Get the thread token, using impersonation.
+ NTSTATUS status = NtOpenThreadTokenEx(GetCurrentThread(),
+ TOKEN_IMPERSONATE | TOKEN_DUPLICATE,
+ FALSE, 0, &thread_token);
+ if (status == STATUS_NO_TOKEN)
+ return ERROR_NO_TOKEN;
+ if (!NT_SUCCESS(status))
+ return SBOX_TEST_FAILED;
+
+ ::CloseHandle(thread_token);
+
+ // Get the thread token, without impersonation.
+ status = NtOpenThreadTokenEx(GetCurrentThread(),
+ TOKEN_IMPERSONATE | TOKEN_DUPLICATE, TRUE, 0,
+ &thread_token);
+ if (!NT_SUCCESS(status))
+ return SBOX_TEST_FAILED;
+
+ ::CloseHandle(thread_token);
+ return SBOX_TEST_SUCCEEDED;
+}
+
// Tests that we can open the current thread.
SBOX_TESTS_COMMAND int PolicyTargetTest_thread(int argc, wchar_t **argv) {
DWORD thread_id = ::GetCurrentThreadId();
@@ -144,6 +178,20 @@ TEST(PolicyTargetTest, OpenThreadToken) {
EXPECT_EQ(ERROR_NO_TOKEN, runner.RunTest(L"PolicyTargetTest_token2"));
}
+TEST(PolicyTargetTest, OpenThreadTokenEx) {
+ TestRunner runner;
+ if (win_util::GetWinVersion() < win_util::WINVERSION_XP)
+ return;
+
+ runner.SetTestState(BEFORE_REVERT);
+ EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"PolicyTargetTest_token3"));
+
+ runner.SetTestState(AFTER_REVERT);
+ EXPECT_EQ(ERROR_NO_TOKEN, runner.RunTest(L"PolicyTargetTest_token3"));
+}
+
+#if !defined(_WIN64)
+// Bug 27218: We don't have IPC yet.
TEST(PolicyTargetTest, OpenThread) {
TestRunner runner;
EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"PolicyTargetTest_thread")) <<
@@ -286,5 +334,6 @@ TEST(PolicyTargetTest, WinstaPolicy) {
temp_policy->DestroyAlternateDesktop();
temp_policy->Release();
}
+#endif // _WIN64
} // namespace sandbox
diff --git a/sandbox/src/process_thread_dispatcher.cc b/sandbox/src/process_thread_dispatcher.cc
index 1735a12..bbc1e57 100644
--- a/sandbox/src/process_thread_dispatcher.cc
+++ b/sandbox/src/process_thread_dispatcher.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -9,6 +9,7 @@
#include "base/win_util.h"
#include "sandbox/src/crosscall_client.h"
#include "sandbox/src/interception.h"
+#include "sandbox/src/interceptors.h"
#include "sandbox/src/ipc_tags.h"
#include "sandbox/src/policy_broker.h"
#include "sandbox/src/policy_params.h"
@@ -146,9 +147,9 @@ bool ThreadProcessDispatcher::SetupService(InterceptionManager* manager,
case IPC_CREATEPROCESSW_TAG:
return INTERCEPT_EAT(manager, L"kernel32.dll", CreateProcessW,
- L"_TargetCreateProcessW@44") &&
+ CREATE_PROCESSW_ID, 44) &&
INTERCEPT_EAT(manager, L"kernel32.dll", CreateProcessA,
- L"_TargetCreateProcessA@44");
+ CREATE_PROCESSA_ID, 44);
default:
return false;
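Review bot: The literal `44` passed to both `INTERCEPT_EAT` calls is unexplained now that the decorated name is gone. Judging by the removed `L"_TargetCreateProcessW@44"` strings it is the stdcall argument byte count, but the macro definition is not in this hunk, so that is an inference. A wrong count would presumably only show up on 32-bit builds as a failed interceptor lookup, so a comment such as `// 44: bytes of stdcall arguments (the @44 suffix of the 32-bit export name).` would help the next person who changes an interceptor signature. The same applies to the `32`, `16` and `20` in the `registry_dispatcher.cc` hunk and the `20` and `16` in the `sync_dispatcher.cc` hunk. `SetupService` starts and ends outside this hunk.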
diff --git a/sandbox/src/registry_dispatcher.cc b/sandbox/src/registry_dispatcher.cc
index c354256..642b8a9 100644
--- a/sandbox/src/registry_dispatcher.cc
+++ b/sandbox/src/registry_dispatcher.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -8,6 +8,7 @@
#include "base/win_util.h"
#include "sandbox/src/crosscall_client.h"
#include "sandbox/src/interception.h"
+#include "sandbox/src/interceptors.h"
#include "sandbox/src/ipc_tags.h"
#include "sandbox/src/sandbox_nt_util.h"
#include "sandbox/src/policy_broker.h"
@@ -58,12 +59,12 @@ RegistryDispatcher::RegistryDispatcher(PolicyBase* policy_base)
bool RegistryDispatcher::SetupService(InterceptionManager* manager,
int service) {
if (IPC_NTCREATEKEY_TAG == service)
- return INTERCEPT_NT(manager, NtCreateKey, "_TargetNtCreateKey@32");
+ return INTERCEPT_NT(manager, NtCreateKey, CREATE_KEY_ID, 32);
if (IPC_NTOPENKEY_TAG == service) {
- bool result = INTERCEPT_NT(manager, NtOpenKey, "_TargetNtOpenKey@16");
+ bool result = INTERCEPT_NT(manager, NtOpenKey, OPEN_KEY_ID, 16);
if (win_util::GetWinVersion() >= win_util::WINVERSION_WIN7)
- result &= INTERCEPT_NT(manager, NtOpenKeyEx, "_TargetNtOpenKeyEx@20");
+ result &= INTERCEPT_NT(manager, NtOpenKeyEx, OPEN_KEY_EX_ID, 20);
return result;
}
diff --git a/sandbox/src/sandbox_nt_util.cc b/sandbox/src/sandbox_nt_util.cc
index a3ea634..f13ca87 100644
--- a/sandbox/src/sandbox_nt_util.cc
+++ b/sandbox/src/sandbox_nt_util.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -230,7 +230,7 @@ bool IsValidImageSection(HANDLE section, PVOID *base, PLARGE_INTEGER offset,
return false;
SECTION_BASIC_INFORMATION basic_info;
- ULONG bytes_returned;
+ SIZE_T bytes_returned;
ret = g_nt.QuerySection(query_section, SectionBasicInformation, &basic_info,
sizeof(basic_info), &bytes_returned);
diff --git a/sandbox/src/sandbox_policy_base.cc b/sandbox/src/sandbox_policy_base.cc
index c294db9..e063603 100644
--- a/sandbox/src/sandbox_policy_base.cc
+++ b/sandbox/src/sandbox_policy_base.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2009 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -70,6 +70,8 @@ PolicyBase::PolicyBase()
// Initialize the IPC dispatcher array.
memset(&ipc_targets_, NULL, sizeof(ipc_targets_));
Dispatcher* dispatcher = NULL;
+#if !defined(_WIN64)
+ // Bug 27218: We don't have IPC yet.
dispatcher = new FilesystemDispatcher(this);
ipc_targets_[IPC_NTCREATEFILE_TAG] = dispatcher;
ipc_targets_[IPC_NTOPENFILE_TAG] = dispatcher;
@@ -90,6 +92,7 @@ PolicyBase::PolicyBase()
dispatcher = new RegistryDispatcher(this);
ipc_targets_[IPC_NTCREATEKEY_TAG] = dispatcher;
ipc_targets_[IPC_NTOPENKEY_TAG] = dispatcher;
+#endif
}
PolicyBase::~PolicyBase() {
@@ -98,6 +101,8 @@ PolicyBase::~PolicyBase() {
TargetProcess* target = (*it);
delete target;
}
+#if !defined(_WIN64)
+ // Bug 27218: We don't have IPC yet.
delete ipc_targets_[IPC_NTCREATEFILE_TAG];
delete ipc_targets_[IPC_NTOPENTHREAD_TAG];
delete ipc_targets_[IPC_CREATENAMEDPIPEW_TAG];
@@ -106,6 +111,7 @@ PolicyBase::~PolicyBase() {
delete policy_maker_;
delete policy_;
::DeleteCriticalSection(&lock_);
+#endif
}
DWORD PolicyBase::MakeJobObject(HANDLE* job) {
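Review bot: The `#endif` in `~PolicyBase()` is placed after `::DeleteCriticalSection(&lock_);`, so on `_WIN64` the guard opened in the previous hunk also skips `delete policy_maker_;`, `delete policy_;` and the critical-section teardown. None of those three looks IPC-specific, and the constructor hunks only guard the dispatcher setup, so on x64 this leaks both objects and the lock on every policy destruction. The `#endif` should move up to sit directly above `delete policy_maker_;`, after the last `delete ipc_targets_[...]` line. Two lines of the destructor lie between these hunks and are not visible here, so confirm they are dispatcher deletes too.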
diff --git a/sandbox/src/service_resolver_64.cc b/sandbox/src/service_resolver_64.cc
index 3045840..c6e5b41 100644
--- a/sandbox/src/service_resolver_64.cc
+++ b/sandbox/src/service_resolver_64.cc
@@ -127,8 +127,10 @@ NTSTATUS ServiceResolverThunk::ResolveTarget(const void* module,
PEImage module_image(module);
*address = module_image.GetProcAddress(function_name);
- if (NULL == *address)
+ if (NULL == *address) {
+ NOTREACHED();
return STATUS_UNSUCCESSFUL;
+ }
return STATUS_SUCCESS;
}
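Review bot: The added `NOTREACHED()` asserts that a requested export is always present in the module, but nothing in this hunk says why that holds. Elsewhere in this commit `NtOpenKeyEx` is intercepted only behind a Windows 7 version check, so the assumption seems to be that callers gate version-specific exports themselves. If so, a comment such as `// Callers must only request exports that exist on this OS version.` would state it. As far as I know the assertion fires only in debug builds and release builds still rely on the `STATUS_UNSUCCESSFUL` return, so callers must keep checking that status. The start of `ResolveTarget` is outside the hunk.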
diff --git a/sandbox/src/sync_dispatcher.cc b/sandbox/src/sync_dispatcher.cc
index cc9e7b5..025fd96 100644
--- a/sandbox/src/sync_dispatcher.cc
+++ b/sandbox/src/sync_dispatcher.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -6,6 +6,7 @@
#include "sandbox/src/crosscall_client.h"
#include "sandbox/src/interception.h"
+#include "sandbox/src/interceptors.h"
#include "sandbox/src/ipc_tags.h"
#include "sandbox/src/policy_broker.h"
#include "sandbox/src/policy_params.h"
@@ -35,11 +36,11 @@ bool SyncDispatcher::SetupService(InterceptionManager* manager,
int service) {
if (IPC_CREATEEVENT_TAG == service)
return INTERCEPT_EAT(manager, L"kernel32.dll", CreateEventW,
- L"_TargetCreateEventW@20");
+ CREATE_EVENT_ID, 20);
if (IPC_OPENEVENT_TAG == service)
return INTERCEPT_EAT(manager, L"kernel32.dll", OpenEventW,
- L"_TargetOpenEventW@16");
+ OPEN_EVENT_ID, 16);
return false;
}
diff --git a/sandbox/src/target_process.cc b/sandbox/src/target_process.cc
index 1ba1885..fd2d408 100644
--- a/sandbox/src/target_process.cc
+++ b/sandbox/src/target_process.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2009 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -105,7 +105,10 @@ TargetProcess::~TargetProcess() {
return;
}
+#if !defined(_WIN64)
+ // Bug 27218: We don't have IPC yet.
delete ipc_server_;
+#endif
::CloseHandle(lockdown_token_);
::CloseHandle(initial_token_);
@@ -184,16 +187,16 @@ DWORD TargetProcess::Create(const wchar_t* exe_path,
sandbox_thread_ = process_info.hThread;
sandbox_process_id_ = process_info.dwProcessId;
-#ifndef _WIN64 // TODO(gregoryd): This code does not build for Win64.
- // It is safe to disable it since base_address_ is used for
- // interception that is not supported on Win64 yet.
+#if defined(_WIN64)
+ void* entry_point = reinterpret_cast<void*>(context.Rcx);
+#else
#pragma warning(push)
#pragma warning(disable: 4312)
// This cast generates a warning because it is 32 bit specific.
void* entry_point = reinterpret_cast<void*>(context.Eax);
#pragma warning(pop)
- base_address_ = GetBaseAddress(exe_path, entry_point);
#endif // _WIN64
+ base_address_ = GetBaseAddress(exe_path, entry_point);
*target_info = process_info;
return win_result;
}
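Review bot: The new x64 branch reads the entry point from `context.Rcx` with no comment on why that register is used, while the x86 branch keeps its explanation of the cast. I would add `// The suspended initial thread holds the image entry point in Rcx (Eax on x86).` above it. `base_address_` is now computed on both architectures and feeds the interception setup, so it also matters that `context` was filled in successfully. That code sits above the hunk and is not visible here, and if its failure path does not return early, `entry_point` would be derived from an unset register value.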
@@ -299,11 +302,14 @@ DWORD TargetProcess::Init(Dispatcher* ipc_dispatcher, void* policy,
::GetLastError() : ERROR_INVALID_FUNCTION;
}
+#if !defined(_WIN64)
+ // Bug 27218: We don't have IPC yet.
ipc_server_ = new SharedMemIPCServer(sandbox_process_, sandbox_process_id_,
job_, thread_pool_, ipc_dispatcher);
if (!ipc_server_->Init(shared_memory, shared_IPC_size, kIPCChannelSize))
return ERROR_NOT_ENOUGH_MEMORY;
+#endif
// After this point we cannot use this handle anymore.
sandbox_thread_ = NULL;
diff --git a/sandbox/src/target_services.cc b/sandbox/src/target_services.cc
index e525dde..2bfe67d 100644
--- a/sandbox/src/target_services.cc
+++ b/sandbox/src/target_services.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -85,6 +85,10 @@ bool TargetServicesBase::TestIPCPing(int version) {
return false;
}
+#if defined(_WIN64)
+ // Bug 27218: We don't have IPC yet.
+ return false;
+#else
SharedMemIPCClient ipc(memory);
CrossCallReturn answer = {0};
@@ -133,6 +137,7 @@ bool TargetServicesBase::TestIPCPing(int version) {
}
return true;
+#endif
}
bool ProcessState::IsKernel32Loaded() {