The Tor Browser / file revision

security/sandbox/win/src/policy_low_level.h@6474c204b198

security/sandbox/win/src/policy_low_level.h

Wed, 31 Dec 2014 06:09:35 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:09:35 +0100
changeset 0
6474c204b198
permissions
-rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

     1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.

     2 // Use of this source code is governed by a BSD-style license that can be

     3 // found in the LICENSE file.

     4 

     5 #ifndef SANDBOX_SRC_POLICY_LOW_LEVEL_H__

     6 #define SANDBOX_SRC_POLICY_LOW_LEVEL_H__

     7 

     8 #include <list>

     9 

    10 #include "base/basictypes.h"

    11 #include "sandbox/win/src/ipc_tags.h"

    12 #include "sandbox/win/src/policy_engine_params.h"

    13 #include "sandbox/win/src/policy_engine_opcodes.h"

    14 

    15 // Low level policy classes.

    16 // Built on top of the PolicyOpcode and OpcodeFatory, the low level policy

    17 // provides a way to define rules on strings and numbers but it is unaware

    18 // of Windows specific details or how the Interceptions must be set up.

    19 // To use these classes you construct one or more rules and add them to the

    20 // LowLevelPolicy object like this:

    21 //

    22 //   PolicyRule rule1(ASK_BROKER);

    23 //   rule1.AddStringMatch(IF, 0, L"\\\\/?/?\\c:\\*Microsoft*\\*.exe", true);

    24 //   rule1.AddNumberMatch(IF_NOT, 1, CREATE_ALWAYS, EQUAL);

    25 //   rule1.AddNumberMatch(IF, 2, FILE_ATTRIBUTE_NORMAL, EQUAL);

    26 //

    27 //   PolicyRule rule2(FAKE_SUCCESS);

    28 //   rule2.AddStringMatch(IF, 0, L"\\\\/?/?\\Pipe\\Chrome.*", false));

    29 //   rule2.AddNumberMatch(IF, 1, OPEN_EXISTING, EQUAL));

    30 //

    31 //   LowLevelPolicy policyGen(*policy_memory);

    32 //   policyGen.AddRule(kNtCreateFileSvc, &rule1);

    33 //   policyGen.AddRule(kNtCreateFileSvc, &rule2);

    34 //   policyGen.Done();

    35 //

    36 // At this point (error checking omitted) the policy_memory can be copied

    37 // to the target process where it can be evaluated.

    38 

    39 namespace sandbox {

    40 

    41 // TODO(cpu): Move this constant to crosscall_client.h.

    42 const size_t kMaxServiceCount = 32;

    43 COMPILE_ASSERT(IPC_LAST_TAG <= kMaxServiceCount, kMaxServiceCount_is_too_low);

    44 

    45 // Defines the memory layout of the policy. This memory is filled by

    46 // LowLevelPolicy object.

    47 // For example:

    48 //

    49 //  [Service 0] --points to---\

    50 //  [Service 1] --------------|-----\

    51 //   ......                   |     |

    52 //  [Service N]               |     |

    53 //  [data_size]               |     |

    54 //  [Policy Buffer 0] <-------/     |

    55 //  [opcodes of]                    |

    56 //  .......                         |

    57 //  [Policy Buffer 1] <-------------/

    58 //  [opcodes]

    59 //  .......

    60 //  .......

    61 //  [Policy Buffer N]

    62 //  [opcodes]

    63 //  .......

    64 //   <possibly unused space here>

    65 //  .......

    66 //  [opcode string ]

    67 //  [opcode string ]

    68 //  .......

    69 //  [opcode string ]

    70 struct PolicyGlobal {

    71   PolicyBuffer* entry[kMaxServiceCount];

    72   size_t data_size;

    73   PolicyBuffer data[1];

    74 };

    75 

    76 class PolicyRule;

    77 

    78 // Provides the means to collect rules into a policy store (memory)

    79 class LowLevelPolicy {

    80  public:

    81   // policy_store: must contain allocated memory and the internal

    82   // size fields set to correct values.

    83   explicit LowLevelPolicy(PolicyGlobal* policy_store)

    84       : policy_store_(policy_store) {

    85   }

    86 

    87   // Destroys all the policy rules.

    88   ~LowLevelPolicy();

    89 

    90   // Adds a rule to be generated when Done() is called.

    91   // service: The id of the service that this rule is associated with,

    92   // for example the 'Open Thread' service or the "Create File" service.

    93   // returns false on error.

    94   bool AddRule(int service, PolicyRule* rule);

    95 

    96   // Generates all the rules added with AddRule() into the memory area

    97   // passed on the constructor. Returns false on error.

    98   bool Done();

    99 

   100  private:

   101   struct RuleNode {

   102     const PolicyRule* rule;

   103     int service;

   104   };

   105   std::list<RuleNode> rules_;

   106   PolicyGlobal* policy_store_;

   107   DISALLOW_IMPLICIT_CONSTRUCTORS(LowLevelPolicy);

   108 };

   109 

   110 // There are 'if' rules and 'if not' comparisons

   111 enum RuleType {

   112   IF = 0,

   113   IF_NOT = 1,

   114 };

   115 

   116 // Possible comparisons for numbers

   117 enum RuleOp {

   118   EQUAL,

   119   AND,

   120   RANGE   // TODO(cpu): Implement this option.

   121 };

   122 

   123 // Provides the means to collect a set of comparisons into a single

   124 // rule and its associated action.

   125 class PolicyRule {

   126   friend class LowLevelPolicy;

   127 

   128  public:

   129   explicit PolicyRule(EvalResult action);

   130   PolicyRule(const PolicyRule& other);

   131   ~PolicyRule();

   132 

   133   // Adds a string comparison to the rule.

   134   // rule_type: possible values are IF and IF_NOT.

   135   // parameter: the expected index of the argument for this rule. For example

   136   // in a 'create file' service the file name argument can be at index 0.

   137   // string: is the desired matching pattern.

   138   // match_opts: if the pattern matching is case sensitive or not.

   139   bool AddStringMatch(RuleType rule_type, int16 parameter,

   140                       const wchar_t* string, StringMatchOptions match_opts);

   141 

   142   // Adds a number match comparison to the rule.

   143   // rule_type: possible values are IF and IF_NOT.

   144   // parameter: the expected index of the argument for this rule.

   145   // number: the value to compare the input to.

   146   // comparison_op: the comparison kind (equal, logical and, etc).

   147   bool AddNumberMatch(RuleType rule_type, int16 parameter,

   148                       unsigned long number, RuleOp comparison_op);

   149 

   150   // Returns the number of opcodes generated so far.

   151   size_t GetOpcodeCount() const {

   152     return buffer_->opcode_count;

   153   }

   154 

   155   // Called when there is no more comparisons to add. Internally it generates

   156   // the last opcode (the action opcode). Returns false if this operation fails.

   157   bool Done();

   158 

   159  private:

   160   void operator=(const PolicyRule&);

   161   // Called in a loop from AddStringMatch to generate the required string

   162   // match opcodes. rule_type, match_opts and parameter are the same as

   163   // in AddStringMatch.

   164   bool GenStringOpcode(RuleType rule_type, StringMatchOptions match_opts,

   165                        uint16 parameter, int state, bool last_call,

   166                        int* skip_count, std::wstring* fragment);

   167 

   168   // Loop over all generated opcodes and copy them to increasing memory

   169   // addresses from opcode_start and copy the extra data (strings usually) into

   170   // decreasing addresses from data_start. Extra data is only present in the

   171   // string evaluation opcodes.

   172   bool RebindCopy(PolicyOpcode* opcode_start, size_t opcode_size,

   173                   char* data_start, size_t* data_size) const;

   174   PolicyBuffer* buffer_;

   175   OpcodeFactory* opcode_factory_;

   176   EvalResult action_;

   177   bool done_;

   178 };

   179 

   180 }  // namespace sandbox

   181 

   182 #endif  // SANDBOX_SRC_POLICY_LOW_LEVEL_H__

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial