security/sandbox/win/src/sync_policy.cc@6474c204b198 (annotated)
security/sandbox/win/src/sync_policy.cc
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
| michael@0 | 1 | // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
| michael@0 | 2 | // Use of this source code is governed by a BSD-style license that can be |
| michael@0 | 3 | // found in the LICENSE file. |
| michael@0 | 4 | |
| michael@0 | 5 | #include <string> |
| michael@0 | 6 | |
| michael@0 | 7 | #include "sandbox/win/src/sync_policy.h" |
| michael@0 | 8 | |
| michael@0 | 9 | #include "base/logging.h" |
| michael@0 | 10 | #include "sandbox/win/src/ipc_tags.h" |
| michael@0 | 11 | #include "sandbox/win/src/policy_engine_opcodes.h" |
| michael@0 | 12 | #include "sandbox/win/src/policy_params.h" |
| michael@0 | 13 | #include "sandbox/win/src/sandbox_types.h" |
| michael@0 | 14 | #include "sandbox/win/src/sandbox_utils.h" |
| michael@0 | 15 | |
| michael@0 | 16 | namespace sandbox { |
| michael@0 | 17 | |
| michael@0 | 18 | bool SyncPolicy::GenerateRules(const wchar_t* name, |
| michael@0 | 19 | TargetPolicy::Semantics semantics, |
| michael@0 | 20 | LowLevelPolicy* policy) { |
| michael@0 | 21 | std::wstring mod_name(name); |
| michael@0 | 22 | if (mod_name.empty()) { |
| michael@0 | 23 | return false; |
| michael@0 | 24 | } |
| michael@0 | 25 | |
| michael@0 | 26 | if (TargetPolicy::EVENTS_ALLOW_ANY != semantics && |
| michael@0 | 27 | TargetPolicy::EVENTS_ALLOW_READONLY != semantics) { |
| michael@0 | 28 | // Other flags are not valid for sync policy yet. |
| michael@0 | 29 | NOTREACHED(); |
| michael@0 | 30 | return false; |
| michael@0 | 31 | } |
| michael@0 | 32 | |
| michael@0 | 33 | // Add the open rule. |
| michael@0 | 34 | EvalResult result = ASK_BROKER; |
| michael@0 | 35 | PolicyRule open(result); |
| michael@0 | 36 | |
| michael@0 | 37 | if (!open.AddStringMatch(IF, OpenEventParams::NAME, name, CASE_INSENSITIVE)) |
| michael@0 | 38 | return false; |
| michael@0 | 39 | |
| michael@0 | 40 | if (TargetPolicy::EVENTS_ALLOW_READONLY == semantics) { |
| michael@0 | 41 | // We consider all flags that are not known to be readonly as potentially |
| michael@0 | 42 | // used for write. |
| michael@0 | 43 | DWORD allowed_flags = SYNCHRONIZE | GENERIC_READ | READ_CONTROL; |
| michael@0 | 44 | DWORD restricted_flags = ~allowed_flags; |
| michael@0 | 45 | open.AddNumberMatch(IF_NOT, OpenEventParams::ACCESS, restricted_flags, AND); |
| michael@0 | 46 | } |
| michael@0 | 47 | |
| michael@0 | 48 | if (!policy->AddRule(IPC_OPENEVENT_TAG, &open)) |
| michael@0 | 49 | return false; |
| michael@0 | 50 | |
| michael@0 | 51 | // If it's not a read only, add the create rule. |
| michael@0 | 52 | if (TargetPolicy::EVENTS_ALLOW_READONLY != semantics) { |
| michael@0 | 53 | PolicyRule create(result); |
| michael@0 | 54 | if (!create.AddStringMatch(IF, NameBased::NAME, name, CASE_INSENSITIVE)) |
| michael@0 | 55 | return false; |
| michael@0 | 56 | |
| michael@0 | 57 | if (!policy->AddRule(IPC_CREATEEVENT_TAG, &create)) |
| michael@0 | 58 | return false; |
| michael@0 | 59 | } |
| michael@0 | 60 | |
| michael@0 | 61 | return true; |
| michael@0 | 62 | } |
| michael@0 | 63 | |
| michael@0 | 64 | DWORD SyncPolicy::CreateEventAction(EvalResult eval_result, |
| michael@0 | 65 | const ClientInfo& client_info, |
| michael@0 | 66 | const std::wstring &event_name, |
| michael@0 | 67 | uint32 manual_reset, |
| michael@0 | 68 | uint32 initial_state, |
| michael@0 | 69 | HANDLE *handle) { |
| michael@0 | 70 | // The only action supported is ASK_BROKER which means create the requested |
| michael@0 | 71 | // file as specified. |
| michael@0 | 72 | if (ASK_BROKER != eval_result) |
| michael@0 | 73 | return false; |
| michael@0 | 74 | |
| michael@0 | 75 | HANDLE local_handle = ::CreateEvent(NULL, manual_reset, initial_state, |
| michael@0 | 76 | event_name.c_str()); |
| michael@0 | 77 | if (NULL == local_handle) |
| michael@0 | 78 | return ::GetLastError(); |
| michael@0 | 79 | |
| michael@0 | 80 | if (!::DuplicateHandle(::GetCurrentProcess(), local_handle, |
| michael@0 | 81 | client_info.process, handle, 0, FALSE, |
| michael@0 | 82 | DUPLICATE_CLOSE_SOURCE | DUPLICATE_SAME_ACCESS)) { |
| michael@0 | 83 | return ERROR_ACCESS_DENIED; |
| michael@0 | 84 | } |
| michael@0 | 85 | return ERROR_SUCCESS; |
| michael@0 | 86 | } |
| michael@0 | 87 | |
| michael@0 | 88 | DWORD SyncPolicy::OpenEventAction(EvalResult eval_result, |
| michael@0 | 89 | const ClientInfo& client_info, |
| michael@0 | 90 | const std::wstring &event_name, |
| michael@0 | 91 | uint32 desired_access, |
| michael@0 | 92 | uint32 inherit_handle, |
| michael@0 | 93 | HANDLE *handle) { |
| michael@0 | 94 | // The only action supported is ASK_BROKER which means create the requested |
| michael@0 | 95 | // file as specified. |
| michael@0 | 96 | if (ASK_BROKER != eval_result) |
| michael@0 | 97 | return false; |
| michael@0 | 98 | |
| michael@0 | 99 | HANDLE local_handle = ::OpenEvent(desired_access, FALSE, |
| michael@0 | 100 | event_name.c_str()); |
| michael@0 | 101 | if (NULL == local_handle) |
| michael@0 | 102 | return ::GetLastError(); |
| michael@0 | 103 | |
| michael@0 | 104 | if (!::DuplicateHandle(::GetCurrentProcess(), local_handle, |
| michael@0 | 105 | client_info.process, handle, 0, inherit_handle, |
| michael@0 | 106 | DUPLICATE_CLOSE_SOURCE | DUPLICATE_SAME_ACCESS)) { |
| michael@0 | 107 | return ERROR_ACCESS_DENIED; |
| michael@0 | 108 | } |
| michael@0 | 109 | return ERROR_SUCCESS; |
| michael@0 | 110 | } |
| michael@0 | 111 | |
| michael@0 | 112 | } // namespace sandbox |
