summaryrefslogtreecommitdiffstats
path: root/chrome_elf/blacklist/blacklist.h
blob: 5237a5c228b2a14a323a3c24743287b7ec26f306 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_ELF_BLACKLIST_BLACKLIST_H_
#define CHROME_ELF_BLACKLIST_BLACKLIST_H_

#if defined(_WIN64)
#include "sandbox/win/src/sandbox_nt_types.h"
#endif

namespace blacklist {

// Max size of the DLL blacklist.
const int kTroublesomeDllsMaxCount = 64;

// The DLL blacklist.
extern const wchar_t* g_troublesome_dlls[kTroublesomeDllsMaxCount];

// The registry path of the blacklist beacon.
extern const wchar_t kRegistryBeaconPath[];

// The properties for the blacklist beacon.
extern const wchar_t kBeaconVersion[];
extern const wchar_t kBeaconState[];

// The states for the blacklist setup code.
enum BlacklistState {
  BLACKLIST_DISABLED = 0,
  BLACKLIST_ENABLED,
  // The blacklist setup code is running. If this is still set at startup,
  // it means the last setup crashed.
  BLACKLIST_SETUP_RUNNING,
  // The blacklist thunk setup code is running. If this is still set at startup,
  // it means the last setup crashed during thunk setup.
  BLACKLIST_THUNK_SETUP,
  // The blacklist code is currently intercepting MapViewOfSection. If this is
  // still set at startup, it means we crashed during interception.
  BLACKLIST_INTERCEPTING,
  // Always keep this at the end.
  BLACKLIST_STATE_MAX,
};

#if defined(_WIN64)
extern NtMapViewOfSectionFunction g_nt_map_view_of_section_func;
#endif

// Attempts to leave a beacon in the current user's registry hive.
// If the blacklist beacon doesn't say it is enabled or there are any other
// errors when creating the beacon, returns false. Otherwise returns true.
// The intent of the beacon is to act as an extra failure mode protection
// whereby if Chrome for some reason fails to start during blacklist setup,
// it will skip blacklisting on the subsequent run.
bool LeaveSetupBeacon();

// Looks for the beacon that LeaveSetupBeacon() creates and resets it to
// to show the setup was successful.
// Returns true if the beacon was successfully set to BLACKLIST_ENABLED.
bool ResetBeacon();

// Return the size of the current blacklist.
int BlacklistSize();

// Adds the given dll name to the blacklist. Returns true if the dll name is in
// the blacklist when this returns, false on error. Note that this will copy
// |dll_name| and will leak it on exit if the string is not subsequently removed
// using RemoveDllFromBlacklist.
extern "C" bool AddDllToBlacklist(const wchar_t* dll_name);

// Removes the given dll name from the blacklist. Returns true if it was
// removed, false on error.
extern "C" bool RemoveDllFromBlacklist(const wchar_t* dll_name);

// Initializes the DLL blacklist in the current process. This should be called
// before any undesirable DLLs might be loaded. If |force| is set to true, then
// initialization will take place even if a beacon is present. This is useful
// for tests.
bool Initialize(bool force);

}  // namespace blacklist

#endif  // CHROME_ELF_BLACKLIST_BLACKLIST_H_