1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/security/sandbox/win/src/interception_agent.h Wed Dec 31 06:09:35 2014 +0100
1.3
@@ -0,0 +1,87 @@
1.4 +// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
1.5 +// Use of this source code is governed by a BSD-style license that can be
1.6 +// found in the LICENSE file.
1.7 +
1.8 +// Defines InterceptionAgent, the class in charge of setting up interceptions
1.9 +// from the inside of the sandboxed process. For more details see
1.10 +// http://dev.chromium.org/developers/design-documents/sandbox .
1.11 +
1.12 +#ifndef SANDBOX_SRC_INTERCEPTION_AGENT_H__
1.13 +#define SANDBOX_SRC_INTERCEPTION_AGENT_H__
1.14 +
1.15 +#include "base/basictypes.h"
1.16 +#include "sandbox/win/src/nt_internals.h"
1.17 +#include "sandbox/win/src/sandbox_types.h"
1.18 +
1.19 +namespace sandbox {
1.20 +
1.21 +// Internal structures used for communication between the broker and the target.
1.22 +struct DllInterceptionData;
1.23 +struct SharedMemory;
1.24 +struct DllPatchInfo;
1.25 +
1.26 +class ResolverThunk;
1.27 +
1.28 +// The InterceptionAgent executes on the target application, and it is in charge
1.29 +// of setting up the desired interceptions or indicating what module needs to
1.30 +// be unloaded.
1.31 +//
1.32 +// The exposed API consists of three methods: GetInterceptionAgent to retrieve
1.33 +// the single class instance, OnDllLoad and OnDllUnload to process a dll being
1.34 +// loaded and unloaded respectively.
1.35 +//
1.36 +// This class assumes that it will get called for every dll being loaded,
1.37 +// starting with kernel32, so the singleton will be instantiated from within the
1.38 +// loader lock.
1.39 +class InterceptionAgent {
1.40 + public:
1.41 + // Returns the single InterceptionAgent object for this process.
1.42 + static InterceptionAgent* GetInterceptionAgent();
1.43 +
1.44 + // This method should be invoked whenever a new dll is loaded to perform the
1.45 + // required patches. If the return value is false, this dll should not be
1.46 + // allowed to load.
1.47 + //
1.48 + // full_path is the (optional) full name of the module being loaded and name
1.49 + // is the internal module name. If full_path is provided, it will be used
1.50 + // before the internal name to determine if we care about this dll.
1.51 + bool OnDllLoad(const UNICODE_STRING* full_path, const UNICODE_STRING* name,
1.52 + void* base_address);
1.53 +
1.54 + // Performs cleanup when a dll is unloaded.
1.55 + void OnDllUnload(void* base_address);
1.56 +
1.57 + private:
1.58 + ~InterceptionAgent() {}
1.59 +
1.60 + // Performs initialization of the singleton.
1.61 + bool Init(SharedMemory* shared_memory);
1.62 +
1.63 + // Returns true if we are interested on this dll. dll_info is an entry of the
1.64 + // list of intercepted dlls.
1.65 + bool DllMatch(const UNICODE_STRING* full_path, const UNICODE_STRING* name,
1.66 + const DllPatchInfo* dll_info);
1.67 +
1.68 + // Performs the patching of the dll loaded at base_address.
1.69 + // The patches to perform are described on dll_info, and thunks is the thunk
1.70 + // storage for the whole dll.
1.71 + // Returns true on success.
1.72 + bool PatchDll(const DllPatchInfo* dll_info, DllInterceptionData* thunks);
1.73 +
1.74 + // Returns a resolver for a given interception type.
1.75 + ResolverThunk* GetResolver(InterceptionType type);
1.76 +
1.77 + // Shared memory containing the list of functions to intercept.
1.78 + SharedMemory* interceptions_;
1.79 +
1.80 + // Array of thunk data buffers for the intercepted dlls. This object singleton
1.81 + // is allocated with a placement new with enough space to hold the complete
1.82 + // array of pointers, not just the first element.
1.83 + DllInterceptionData* dlls_[1];
1.84 +
1.85 + DISALLOW_IMPLICIT_CONSTRUCTORS(InterceptionAgent);
1.86 +};
1.87 +
1.88 +} // namespace sandbox
1.89 +
1.90 +#endif // SANDBOX_SRC_INTERCEPTION_AGENT_H__
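Review bot: The trailing `DllInterceptionData* dlls_[1];` member is indexed beyond its declared bound by design, yet the header does not say which count sizes the placement-new allocation or bounds later indexing. That count presumably comes from the shared memory the broker fills in (not visible in this hunk), so the comment should say so, e.g. `// One entry per intercepted dll; the count is taken from interceptions_ and every index into dlls_ must be checked against it.` The OnDllLoad comment should also state whether a failed patch returns false (blocking the load) or true, because callers inside the sandboxed target need to know whether the hook fails open or closed.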