content/common/sandbox_policy.cc - Issue 10907217: Revert 156550 - Add sandbox support for Windows process mitigations

Side by Side Diff: content/common/sandbox_policy.cc

Issue 10907217: Revert 156550 - Add sandbox support for Windows process mitigations (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/

Patch Set: Created 8 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "content/common/sandbox_policy.h"	5 #include "content/common/sandbox_policy.h"

6	6

7 #include <string>	7 #include <string>

8	8

9 #include "base/command_line.h"	9 #include "base/command_line.h"

10 #include "base/debug/debugger.h"	10 #include "base/debug/debugger.h"

11 #include "base/debug/trace_event.h"	11 #include "base/debug/trace_event.h"

12 #include "base/file_util.h"	12 #include "base/file_util.h"

13 #include "base/lazy_instance.h"	13 #include "base/lazy_instance.h"

14 #include "base/logging.h"	14 #include "base/logging.h"

15 #include "base/path_service.h"	15 #include "base/path_service.h"

16 #include "base/process_util.h"	16 #include "base/process_util.h"

17 #include "base/string_util.h"	17 #include "base/string_util.h"

18 #include "base/stringprintf.h"	18 #include "base/stringprintf.h"

19 #include "base/win/iat_patch_function.h"	19 #include "base/win/iat_patch_function.h"

20 #include "base/win/scoped_handle.h"	20 #include "base/win/scoped_handle.h"

21 #include "base/win/scoped_process_information.h"	21 #include "base/win/scoped_process_information.h"

22 #include "base/win/windows_version.h"	22 #include "base/win/windows_version.h"

23 #include "content/common/debug_flags.h"	23 #include "content/common/debug_flags.h"

24 #include "content/public/common/content_client.h"	24 #include "content/public/common/content_client.h"

25 #include "content/public/common/content_switches.h"	25 #include "content/public/common/content_switches.h"

26 #include "content/public/common/process_type.h"	26 #include "content/public/common/process_type.h"

27 #include "content/public/common/sandbox_init.h"	27 #include "content/public/common/sandbox_init.h"

28 #include "sandbox/win/src/process_mitigations.h"

29 #include "sandbox/win/src/sandbox.h"	28 #include "sandbox/win/src/sandbox.h"

30 #include "sandbox/win/src/sandbox_nt_util.h"	29 #include "sandbox/win/src/sandbox_nt_util.h"

31 #include "sandbox/win/src/win_utils.h"	30 #include "sandbox/win/src/win_utils.h"

32 #include "ui/gl/gl_switches.h"	31 #include "ui/gl/gl_switches.h"

33	32

34 static sandbox::BrokerServices* g_broker_services = NULL;	33 static sandbox::BrokerServices* g_broker_services = NULL;

35 static sandbox::TargetServices* g_target_services = NULL;	34 static sandbox::TargetServices* g_target_services = NULL;

36	35

37 namespace {	36 namespace {

38	37

39 // The DLLs listed here are known (or under strong suspicion) of causing crashes	38 // The DLLs listed here are known (or under strong suspicion) of causing crashes

40 // when they are loaded in the renderer. Note: at runtime we generate short	39 // when they are loaded in the renderer. Note: at runtime we generate short

41 // versions of the dll name only if the dll has an extension.	40 // versions of the dll name only if the dll has an extension.

42 const wchar_t* const kTroublesomeDlls[] = {	41 const wchar_t* const kTroublesomeDlls[] = {

43 L"adialhk.dll", // Kaspersky Internet Security.	42 L"adialhk.dll", // Kaspersky Internet Security.

44 L"acpiz.dll", // Unknown.	43 L"acpiz.dll", // Unknown.

45 L"avgrsstx.dll", // AVG 8.	44 L"avgrsstx.dll", // AVG 8.

46 L"babylonchromepi.dll", // Babylon translator.	45 L"babylonchromepi.dll", // Babylon translator.

	46 L"browsemngr.dll", // Uninstall blocker used by Babylon.

47 L"btkeyind.dll", // Widcomm Bluetooth.	47 L"btkeyind.dll", // Widcomm Bluetooth.

48 L"cmcsyshk.dll", // CMC Internet Security.	48 L"cmcsyshk.dll", // CMC Internet Security.

49 L"cmsetac.dll", // Unknown (suspected malware).	49 L"cmsetac.dll", // Unknown (suspected malware).

50 L"cooliris.dll", // CoolIris.	50 L"cooliris.dll", // CoolIris.

51 L"dockshellhook.dll", // Stardock Objectdock.	51 L"dockshellhook.dll", // Stardock Objectdock.

52 L"easyhook32.dll", // GDIPP and others.	52 L"easyhook32.dll", // GDIPP and others.

53 L"googledesktopnetwork3.dll", // Google Desktop Search v5.	53 L"googledesktopnetwork3.dll", // Google Desktop Search v5.

54 L"fwhook.dll", // PC Tools Firewall Plus.	54 L"fwhook.dll", // PC Tools Firewall Plus.

55 L"hookprocesscreation.dll", // Blumentals Program protector.	55 L"hookprocesscreation.dll", // Blumentals Program protector.

56 L"hookterminateapis.dll", // Blumentals and Cyberprinter.	56 L"hookterminateapis.dll", // Blumentals and Cyberprinter.

(...skipping 663 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
720 #endif	720 #endif

721	721

722 if (!in_sandbox) {	722 if (!in_sandbox) {

723 policy->Release();	723 policy->Release();

724 base::ProcessHandle process = 0;	724 base::ProcessHandle process = 0;

725 base::LaunchProcess(*cmd_line, base::LaunchOptions(), &process);	725 base::LaunchProcess(*cmd_line, base::LaunchOptions(), &process);

726 g_broker_services->AddTargetPeer(process);	726 g_broker_services->AddTargetPeer(process);

727 return process;	727 return process;

728 }	728 }

729	729

730 // TODO(jschuh): Add all Win8 mitigations. crbug.com/147752

731 if (type != content::PROCESS_TYPE_NACL_LOADER) {

732 if (policy->SetProcessMitigations(MITIGATION_DEP \|

733 MITIGATION_DEP_NO_ATL_THUNK \|

734 MITIGATION_SEHOP \|

735 MITIGATION_BOTTOM_UP_ASLR)

736 != sandbox::SBOX_ALL_OK) {

737 return 0;

738 }

739 } else {

740 // TODO(jschuh): Make NaCl work with DEP and SEHOP. crbug.com/147752

741 if (policy->SetDelayedProcessMitigations(MITIGATION_DEP \|

742 MITIGATION_DEP_NO_ATL_THUNK)

743 != sandbox::SBOX_ALL_OK) {

744 return 0;

745 }

746 if (policy->SetProcessMitigations(MITIGATION_BOTTOM_UP_ASLR)

747 != sandbox::SBOX_ALL_OK) {

748 return 0;

749 }

750 }

751

752 if (type == content::PROCESS_TYPE_PLUGIN) {	730 if (type == content::PROCESS_TYPE_PLUGIN) {

753 AddGenericDllEvictionPolicy(policy);	731 AddGenericDllEvictionPolicy(policy);

754 AddPluginDllEvictionPolicy(policy);	732 AddPluginDllEvictionPolicy(policy);

755 } else if (type == content::PROCESS_TYPE_GPU) {	733 } else if (type == content::PROCESS_TYPE_GPU) {

756 if (!AddPolicyForGPU(cmd_line, policy))	734 if (!AddPolicyForGPU(cmd_line, policy))

757 return 0;	735 return 0;

758 } else {	736 } else {

759 if (!AddPolicyForRenderer(policy))	737 if (!AddPolicyForRenderer(policy))

760 return 0;	738 return 0;

761 // TODO(jschuh): Need get these restrictions applied to NaCl and Pepper.	739 // TODO(jschuh): Need get these restrictions applied to NaCl and Pepper.

(...skipping 126 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
888 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK;	866 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK;

889 }	867 }

890	868

891 base::ProcessHandle StartProcessWithAccess(	869 base::ProcessHandle StartProcessWithAccess(

892 CommandLine* cmd_line,	870 CommandLine* cmd_line,

893 const FilePath& exposed_dir) {	871 const FilePath& exposed_dir) {

894 return sandbox::StartProcessWithAccess(cmd_line, exposed_dir);	872 return sandbox::StartProcessWithAccess(cmd_line, exposed_dir);

895 }	873 }

896	874

897 } // namespace content	875 } // namespace content

OLD	NEW

« no previous file with comments | « content/app/startup_helper_win.cc ('k') | content/public/test/browser_test_base.cc » ('j') | no next file with comments »