diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 09:22:09 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 09:22:09 +0000 |
commit | 43a97878ce14b72f0981164f87f2e35e14151312 (patch) | |
tree | 620249daf56c0258faa40cbdcf9cfba06de2a846 /security/sandbox/chromium-shim/base | |
parent | Initial commit. (diff) | |
download | firefox-upstream.tar.xz firefox-upstream.zip |
Adding upstream version 110.0.1.upstream/110.0.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'security/sandbox/chromium-shim/base')
33 files changed, 1678 insertions, 0 deletions
diff --git a/security/sandbox/chromium-shim/base/allocator/buildflags.h b/security/sandbox/chromium-shim/base/allocator/buildflags.h new file mode 100644 index 0000000000..1799e64067 --- /dev/null +++ b/security/sandbox/chromium-shim/base/allocator/buildflags.h @@ -0,0 +1,20 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a copy of a file that is generated by the chromium build, with +// only the build flags we require. + +// Generated by build/write_buildflag_header.py +// From "//base/allocator:buildflags" + +#ifndef BASE_ALLOCATOR_BUILDFLAGS_H_ +#define BASE_ALLOCATOR_BUILDFLAGS_H_ + +#include "build/buildflag.h" + +#define BUILDFLAG_INTERNAL_USE_TCMALLOC() (0) + +#endif // BASE_ALLOCATOR_BUILDFLAGS_H_ diff --git a/security/sandbox/chromium-shim/base/allocator/partition_allocator/page_allocator.h b/security/sandbox/chromium-shim/base/allocator/partition_allocator/page_allocator.h new file mode 100644 index 0000000000..e3bb27d897 --- /dev/null +++ b/security/sandbox/chromium-shim/base/allocator/partition_allocator/page_allocator.h @@ -0,0 +1,21 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a dummy version of Chromium source file +// base/allocator/partition_allocator/page_allocator.h. +// To provide to an empty ReleaseReservation function, because we never call +// ReserveAddressSpace. + +#ifndef BASE_ALLOCATOR_PARTITION_ALLOCATOR_PAGE_ALLOCATOR_H_ +#define BASE_ALLOCATOR_PARTITION_ALLOCATOR_PAGE_ALLOCATOR_H_ + +namespace base { + +BASE_EXPORT void ReleaseReservation() {} + +} // namespace base + +#endif // BASE_ALLOCATOR_PARTITION_ALLOCATOR_PAGE_ALLOCATOR_H_ diff --git a/security/sandbox/chromium-shim/base/debug/activity_tracker.h b/security/sandbox/chromium-shim/base/debug/activity_tracker.h new file mode 100644 index 0000000000..b59cd12cc0 --- /dev/null +++ b/security/sandbox/chromium-shim/base/debug/activity_tracker.h @@ -0,0 +1,61 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a dummy version of Chromium source file base/debug/activity_tracker.h. +// To provide a class required in base/synchronization/lock_impl_win.cc +// ScopedLockAcquireActivity. We don't use activity tracking. + +#ifndef BASE_DEBUG_ACTIVITY_TRACKER_H_ +#define BASE_DEBUG_ACTIVITY_TRACKER_H_ + +#include "base/base_export.h" +#include "base/compiler_specific.h" +#include "base/macros.h" + +namespace base { +class PlatformThreadHandle; +class WaitableEvent; + +namespace internal { +class LockImpl; +} + +namespace debug { + +class BASE_EXPORT GlobalActivityTracker { + public: + static bool IsEnabled() { return false; } + DISALLOW_COPY_AND_ASSIGN(GlobalActivityTracker); +}; + +class BASE_EXPORT ScopedLockAcquireActivity +{ + public: + ALWAYS_INLINE + explicit ScopedLockAcquireActivity(const base::internal::LockImpl* lock) {} + DISALLOW_COPY_AND_ASSIGN(ScopedLockAcquireActivity); +}; + +class BASE_EXPORT ScopedEventWaitActivity +{ + public: + ALWAYS_INLINE + explicit ScopedEventWaitActivity(const base::WaitableEvent* event) {} + DISALLOW_COPY_AND_ASSIGN(ScopedEventWaitActivity); +}; + +class BASE_EXPORT ScopedThreadJoinActivity +{ + public: + ALWAYS_INLINE + explicit ScopedThreadJoinActivity(const base::PlatformThreadHandle* thread) {} + DISALLOW_COPY_AND_ASSIGN(ScopedThreadJoinActivity); +}; + +} // namespace debug +} // namespace base + +#endif // BASE_DEBUG_ACTIVITY_TRACKER_H_ diff --git a/security/sandbox/chromium-shim/base/debug/crash_logging.cpp b/security/sandbox/chromium-shim/base/debug/crash_logging.cpp new file mode 100644 index 0000000000..b2c3f7afa2 --- /dev/null +++ b/security/sandbox/chromium-shim/base/debug/crash_logging.cpp @@ -0,0 +1,22 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a dummy version of base/debug/crash_logging.cc + +#include "base/debug/crash_logging.h" + +namespace base { +namespace debug { + +CrashKeyString* AllocateCrashKeyString(const char name[], + CrashKeySize value_length) { + return nullptr; +} + +void SetCrashKeyString(CrashKeyString* crash_key, base::StringPiece value) {} + +} // namespace debug +} // namespace base diff --git a/security/sandbox/chromium-shim/base/debug/debugging_buildflags.h b/security/sandbox/chromium-shim/base/debug/debugging_buildflags.h new file mode 100644 index 0000000000..a2b89849a5 --- /dev/null +++ b/security/sandbox/chromium-shim/base/debug/debugging_buildflags.h @@ -0,0 +1,21 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a copy of a file that is generated by the chromium build, with +// only the build flags we require. + +// Generated by build/write_buildflag_header.py +// From "//base:debugging_buildflags" + +#ifndef BASE_DEBUG_DEBUGGING_BUILDFLAGS_H_ +#define BASE_DEBUG_DEBUGGING_BUILDFLAGS_H_ + +#include "build/buildflag.h" + +#define BUILDFLAG_INTERNAL_ENABLE_LOCATION_SOURCE() (1) +#define BUILDFLAG_INTERNAL_ENABLE_PROFILING() (0) + +#endif // BASE_DEBUG_DEBUGGING_BUILDFLAGS_H_ diff --git a/security/sandbox/chromium-shim/base/debug/stack_trace.h b/security/sandbox/chromium-shim/base/debug/stack_trace.h new file mode 100644 index 0000000000..2ab1485204 --- /dev/null +++ b/security/sandbox/chromium-shim/base/debug/stack_trace.h @@ -0,0 +1,30 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a dummy version of Chromium source file base/debug/stack_trace.h +// to provide a dummy class StackTrace. + +#ifndef BASE_DEBUG_STACK_TRACE_H_ +#define BASE_DEBUG_STACK_TRACE_H_ + +#include <iosfwd> + +namespace base { +namespace debug { + +class BASE_EXPORT StackTrace { + public: + StackTrace() {}; + +#if !defined(__UCLIBC__) & !defined(_AIX) + void OutputToStream(std::ostream*) const {} +#endif +}; + +} // namespace debug +} // namespace base + +#endif // BASE_DEBUG_STACK_TRACE_H_ diff --git a/security/sandbox/chromium-shim/base/feature_list.h b/security/sandbox/chromium-shim/base/feature_list.h new file mode 100644 index 0000000000..ada5c22f24 --- /dev/null +++ b/security/sandbox/chromium-shim/base/feature_list.h @@ -0,0 +1,52 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a cut down version of base/feature_list.h. +// This just returns the default state for a feature. + +#ifndef BASE_FEATURE_LIST_H_ +#define BASE_FEATURE_LIST_H_ + +#include "base/macros.h" + +namespace base { + +// Specifies whether a given feature is enabled or disabled by default. +enum FeatureState { + FEATURE_DISABLED_BY_DEFAULT, + FEATURE_ENABLED_BY_DEFAULT, +}; + +// The Feature struct is used to define the default state for a feature. See +// comment below for more details. There must only ever be one struct instance +// for a given feature name - generally defined as a constant global variable or +// file static. It should never be used as a constexpr as it breaks +// pointer-based identity lookup. +struct BASE_EXPORT Feature { + // The name of the feature. This should be unique to each feature and is used + // for enabling/disabling features via command line flags and experiments. + // It is strongly recommended to use CamelCase style for feature names, e.g. + // "MyGreatFeature". + const char* const name; + + // The default state (i.e. enabled or disabled) for this feature. + const FeatureState default_state; +}; + +class BASE_EXPORT FeatureList { + public: + static bool IsEnabled(const Feature& feature) { + return feature.default_state == FEATURE_ENABLED_BY_DEFAULT; + } + + static FeatureList* GetInstance() { return nullptr; } + + DISALLOW_COPY_AND_ASSIGN(FeatureList); +}; + +} // namespace base + +#endif // BASE_FEATURE_LIST_H_ diff --git a/security/sandbox/chromium-shim/base/file_version_info_win.cpp b/security/sandbox/chromium-shim/base/file_version_info_win.cpp new file mode 100644 index 0000000000..bc4d6a4fe0 --- /dev/null +++ b/security/sandbox/chromium-shim/base/file_version_info_win.cpp @@ -0,0 +1,90 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a partial implementation of Chromium's source file +// base/file_version_info_win.cc + +#include "base/file_version_info_win.h" + +#include "base/files/file_path.h" +#include "base/memory/ptr_util.h" +#include "base/threading/scoped_blocking_call.h" + +#include "mozilla/Unused.h" + +namespace { + +struct LanguageAndCodePage { + WORD language; + WORD code_page; +}; + +// Returns the \VarFileInfo\Translation value extracted from the +// VS_VERSION_INFO resource in |data|. +LanguageAndCodePage* GetTranslate(const void* data) { + static constexpr wchar_t kTranslation[] = L"\\VarFileInfo\\Translation"; + LPVOID translate = nullptr; + UINT dummy_size; + if (::VerQueryValue(data, kTranslation, &translate, &dummy_size)) + return static_cast<LanguageAndCodePage*>(translate); + return nullptr; +} + +const VS_FIXEDFILEINFO& GetVsFixedFileInfo(const void* data) { + static constexpr wchar_t kRoot[] = L"\\"; + LPVOID fixed_file_info = nullptr; + UINT dummy_size; + CHECK(::VerQueryValue(data, kRoot, &fixed_file_info, &dummy_size)); + return *static_cast<VS_FIXEDFILEINFO*>(fixed_file_info); +} + +} // namespace + +// static +std::unique_ptr<FileVersionInfoWin> +FileVersionInfoWin::CreateFileVersionInfoWin(const base::FilePath& file_path) { + base::ScopedBlockingCall scoped_blocking_call(FROM_HERE, + base::BlockingType::MAY_BLOCK); + + DWORD dummy; + const wchar_t* path = file_path.value().c_str(); + const DWORD length = ::GetFileVersionInfoSize(path, &dummy); + if (length == 0) + return nullptr; + + std::vector<uint8_t> data(length, 0); + + if (!::GetFileVersionInfo(path, dummy, length, data.data())) + return nullptr; + + const LanguageAndCodePage* translate = GetTranslate(data.data()); + if (!translate) + return nullptr; + + return base::WrapUnique(new FileVersionInfoWin( + std::move(data), translate->language, translate->code_page)); +} + +base::Version FileVersionInfoWin::GetFileVersion() const { + return base::Version({HIWORD(fixed_file_info_.dwFileVersionMS), + LOWORD(fixed_file_info_.dwFileVersionMS), + HIWORD(fixed_file_info_.dwFileVersionLS), + LOWORD(fixed_file_info_.dwFileVersionLS)}); +} + +FileVersionInfoWin::FileVersionInfoWin(std::vector<uint8_t>&& data, + WORD language, + WORD code_page) + : owned_data_(std::move(data)), + data_(owned_data_.data()), + language_(language), + code_page_(code_page), + fixed_file_info_(GetVsFixedFileInfo(data_)) { + DCHECK(!owned_data_.empty()); + + mozilla::Unused << language_; + mozilla::Unused << code_page_; +} diff --git a/security/sandbox/chromium-shim/base/file_version_info_win.h b/security/sandbox/chromium-shim/base/file_version_info_win.h new file mode 100644 index 0000000000..9f41901864 --- /dev/null +++ b/security/sandbox/chromium-shim/base/file_version_info_win.h @@ -0,0 +1,54 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a partial implementation of Chromium's source file +// base/file_version_info_win.h. + +#ifndef BASE_FILE_VERSION_INFO_WIN_H_ +#define BASE_FILE_VERSION_INFO_WIN_H_ + +#include <memory> +#include <vector> + +#include "base/macros.h" +#include "base/version.h" + +#include "mozilla/Assertions.h" + +struct tagVS_FIXEDFILEINFO; +typedef tagVS_FIXEDFILEINFO VS_FIXEDFILEINFO; + +namespace base { +class FilePath; +} + +class FileVersionInfoWin { + public: + static std::unique_ptr<FileVersionInfoWin> CreateFileVersionInfoWin( + const base::FilePath& file_path); + + // Get file version number in dotted version format. + base::Version GetFileVersion() const; + + private: + // |data| is a VS_VERSION_INFO resource. |language| and |code_page| are + // extracted from the \VarFileInfo\Translation value of |data|. + FileVersionInfoWin(std::vector<uint8_t>&& data, + WORD language, + WORD code_page); + + const std::vector<uint8_t> owned_data_; + const void* const data_; + const WORD language_; + const WORD code_page_; + + // This is a reference for a portion of |data_|. + const VS_FIXEDFILEINFO& fixed_file_info_; + + DISALLOW_COPY_AND_ASSIGN(FileVersionInfoWin); +}; + +#endif // BASE_FILE_VERSION_INFO_WIN_H_ diff --git a/security/sandbox/chromium-shim/base/files/file_path.cpp b/security/sandbox/chromium-shim/base/files/file_path.cpp new file mode 100644 index 0000000000..bcbfecab99 --- /dev/null +++ b/security/sandbox/chromium-shim/base/files/file_path.cpp @@ -0,0 +1,217 @@ +// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +// This is a partial implementation of Chromium's source file +// base/file/file_path.cc. + +#include "base/files/file_path.h" + +namespace base { + +using StringType = FilePath::StringType; +using StringPieceType = FilePath::StringPieceType; + +namespace { + +const FilePath::CharType kStringTerminator = FILE_PATH_LITERAL('\0'); + +// If this FilePath contains a drive letter specification, returns the +// position of the last character of the drive letter specification, +// otherwise returns npos. This can only be true on Windows, when a pathname +// begins with a letter followed by a colon. On other platforms, this always +// returns npos. +StringPieceType::size_type FindDriveLetter(StringPieceType path) { +#if defined(FILE_PATH_USES_DRIVE_LETTERS) + // This is dependent on an ASCII-based character set, but that's a + // reasonable assumption. iswalpha can be too inclusive here. + if (path.length() >= 2 && path[1] == L':' && + ((path[0] >= L'A' && path[0] <= L'Z') || + (path[0] >= L'a' && path[0] <= L'z'))) { + return 1; + } +#endif // FILE_PATH_USES_DRIVE_LETTERS + return StringType::npos; +} + +bool IsPathAbsolute(StringPieceType path) { +#if defined(FILE_PATH_USES_DRIVE_LETTERS) + StringType::size_type letter = FindDriveLetter(path); + if (letter != StringType::npos) { + // Look for a separator right after the drive specification. + return path.length() > letter + 1 && + FilePath::IsSeparator(path[letter + 1]); + } + // Look for a pair of leading separators. + return path.length() > 1 && + FilePath::IsSeparator(path[0]) && FilePath::IsSeparator(path[1]); +#else // FILE_PATH_USES_DRIVE_LETTERS + // Look for a separator in the first position. + return path.length() > 0 && FilePath::IsSeparator(path[0]); +#endif // FILE_PATH_USES_DRIVE_LETTERS +} + +} // namespace + +FilePath::FilePath() = default; + +FilePath::FilePath(const FilePath& that) = default; +FilePath::FilePath(FilePath&& that) noexcept = default; + +FilePath::FilePath(StringPieceType path) : path_(path) { + StringType::size_type nul_pos = path_.find(kStringTerminator); + if (nul_pos != StringType::npos) + path_.erase(nul_pos, StringType::npos); +} + +FilePath::~FilePath() = default; + +FilePath& FilePath::operator=(const FilePath& that) = default; + +FilePath& FilePath::operator=(FilePath&& that) = default; + +// static +bool FilePath::IsSeparator(CharType character) { + for (size_t i = 0; i < kSeparatorsLength - 1; ++i) { + if (character == kSeparators[i]) { + return true; + } + } + + return false; +} + +// libgen's dirname and basename aren't guaranteed to be thread-safe and aren't +// guaranteed to not modify their input strings, and in fact are implemented +// differently in this regard on different platforms. Don't use them, but +// adhere to their behavior. +FilePath FilePath::DirName() const { + FilePath new_path(path_); + new_path.StripTrailingSeparatorsInternal(); + + // The drive letter, if any, always needs to remain in the output. If there + // is no drive letter, as will always be the case on platforms which do not + // support drive letters, letter will be npos, or -1, so the comparisons and + // resizes below using letter will still be valid. + StringType::size_type letter = FindDriveLetter(new_path.path_); + + StringType::size_type last_separator = + new_path.path_.find_last_of(kSeparators, StringType::npos, + kSeparatorsLength - 1); + if (last_separator == StringType::npos) { + // path_ is in the current directory. + new_path.path_.resize(letter + 1); + } else if (last_separator == letter + 1) { + // path_ is in the root directory. + new_path.path_.resize(letter + 2); + } else if (last_separator == letter + 2 && + IsSeparator(new_path.path_[letter + 1])) { + // path_ is in "//" (possibly with a drive letter); leave the double + // separator intact indicating alternate root. + new_path.path_.resize(letter + 3); + } else if (last_separator != 0) { + // path_ is somewhere else, trim the basename. + new_path.path_.resize(last_separator); + } + + new_path.StripTrailingSeparatorsInternal(); + if (!new_path.path_.length()) + new_path.path_ = kCurrentDirectory; + + return new_path; +} + +FilePath FilePath::BaseName() const { + FilePath new_path(path_); + new_path.StripTrailingSeparatorsInternal(); + + // The drive letter, if any, is always stripped. + StringType::size_type letter = FindDriveLetter(new_path.path_); + if (letter != StringType::npos) { + new_path.path_.erase(0, letter + 1); + } + + // Keep everything after the final separator, but if the pathname is only + // one character and it's a separator, leave it alone. + StringType::size_type last_separator = + new_path.path_.find_last_of(kSeparators, StringType::npos, + kSeparatorsLength - 1); + if (last_separator != StringType::npos && + last_separator < new_path.path_.length() - 1) { + new_path.path_.erase(0, last_separator + 1); + } + + return new_path; +} + +FilePath FilePath::Append(StringPieceType component) const { + StringPieceType appended = component; + StringType without_nuls; + + StringType::size_type nul_pos = component.find(kStringTerminator); + if (nul_pos != StringPieceType::npos) { + without_nuls = StringType(component.substr(0, nul_pos)); + appended = StringPieceType(without_nuls); + } + + DCHECK(!IsPathAbsolute(appended)); + + if (path_.compare(kCurrentDirectory) == 0 && !appended.empty()) { + // Append normally doesn't do any normalization, but as a special case, + // when appending to kCurrentDirectory, just return a new path for the + // component argument. Appending component to kCurrentDirectory would + // serve no purpose other than needlessly lengthening the path, and + // it's likely in practice to wind up with FilePath objects containing + // only kCurrentDirectory when calling DirName on a single relative path + // component. + return FilePath(appended); + } + + FilePath new_path(path_); + new_path.StripTrailingSeparatorsInternal(); + + // Don't append a separator if the path is empty (indicating the current + // directory) or if the path component is empty (indicating nothing to + // append). + if (!appended.empty() && !new_path.path_.empty()) { + // Don't append a separator if the path still ends with a trailing + // separator after stripping (indicating the root directory). + if (!IsSeparator(new_path.path_.back())) { + // Don't append a separator if the path is just a drive letter. + if (FindDriveLetter(new_path.path_) + 1 != new_path.path_.length()) { + new_path.path_.append(1, kSeparators[0]); + } + } + } + + new_path.path_.append(appended.data(), appended.size()); + return new_path; +} + +FilePath FilePath::Append(const FilePath& component) const { + return Append(component.value()); +} + +void FilePath::StripTrailingSeparatorsInternal() { + // If there is no drive letter, start will be 1, which will prevent stripping + // the leading separator if there is only one separator. If there is a drive + // letter, start will be set appropriately to prevent stripping the first + // separator following the drive letter, if a separator immediately follows + // the drive letter. + StringType::size_type start = FindDriveLetter(path_) + 2; + + StringType::size_type last_stripped = StringType::npos; + for (StringType::size_type pos = path_.length(); + pos > start && IsSeparator(path_[pos - 1]); + --pos) { + // If the string only has two separators and they're at the beginning, + // don't strip them, unless the string began with more than two separators. + if (pos != start + 1 || last_stripped == start + 2 || + !IsSeparator(path_[start - 1])) { + path_.resize(pos - 1); + last_stripped = pos; + } + } +} + +} // namespace base diff --git a/security/sandbox/chromium-shim/base/files/file_util.h b/security/sandbox/chromium-shim/base/files/file_util.h new file mode 100644 index 0000000000..bd6ce0c0a8 --- /dev/null +++ b/security/sandbox/chromium-shim/base/files/file_util.h @@ -0,0 +1,11 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a cut down version of Chromium source file base/files/file_util.h +// This is included in base/memory/shared_memory.h, but it only actually +// requires the include for base/files/file_path.h. + +#include "base/files/file_path.h" diff --git a/security/sandbox/chromium-shim/base/gtest_prod_util.h b/security/sandbox/chromium-shim/base/gtest_prod_util.h new file mode 100644 index 0000000000..b45a1586b0 --- /dev/null +++ b/security/sandbox/chromium-shim/base/gtest_prod_util.h @@ -0,0 +1,22 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef BASE_GTEST_PROD_UTIL_H_ +#define BASE_GTEST_PROD_UTIL_H_ + +#ifndef FRIEND_TEST +#define FRIEND_TEST(A, B) +#endif + +#ifndef FRIEND_TEST_ALL_PREFIXES +#define FRIEND_TEST_ALL_PREFIXES(test_case_name, test_name) +#endif + +#ifndef FORWARD_DECLARE_TEST +#define FORWARD_DECLARE_TEST(test_case_name, test_name) +#endif + +#endif // BASE_GTEST_PROD_UTIL_H_ diff --git a/security/sandbox/chromium-shim/base/logging.cpp b/security/sandbox/chromium-shim/base/logging.cpp new file mode 100644 index 0000000000..9ac163c0ea --- /dev/null +++ b/security/sandbox/chromium-shim/base/logging.cpp @@ -0,0 +1,160 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a stripped down version of the Chromium source file base/logging.cc +// This prevents dependency on the Chromium logging and dependency creep in +// general. +// At some point we should find a way to hook this into our own logging see +// bug 1013988. +// The formatting in this file matches the original Chromium file to aid future +// merging. + +#include "base/logging.h" + +#if defined(OS_WIN) +#include <windows.h> +#endif + +#if defined(OS_POSIX) +#include <errno.h> +#endif + +#if defined(OS_WIN) +#include "base/strings/utf_string_conversions.h" +#endif + +#include <algorithm> + +#include "mozilla/Assertions.h" +#include "mozilla/Unused.h" + +namespace logging { + +namespace { + +int g_min_log_level = 0; + +LoggingDestination g_logging_destination = LOG_DEFAULT; + +// For LOG_ERROR and above, always print to stderr. +const int kAlwaysPrintErrorLevel = LOG_ERROR; + +// A log message handler that gets notified of every log message we process. +LogMessageHandlerFunction log_message_handler = nullptr; + +} // namespace + +// This is never instantiated, it's just used for EAT_STREAM_PARAMETERS to have +// an object of the correct type on the LHS of the unused part of the ternary +// operator. +std::ostream* g_swallow_stream; + +void SetMinLogLevel(int level) { + g_min_log_level = std::min(LOG_FATAL, level); +} + +int GetMinLogLevel() { + return g_min_log_level; +} + +bool ShouldCreateLogMessage(int severity) { + if (severity < g_min_log_level) + return false; + + // Return true here unless we know ~LogMessage won't do anything. Note that + // ~LogMessage writes to stderr if severity_ >= kAlwaysPrintErrorLevel, even + // when g_logging_destination is LOG_NONE. + return g_logging_destination != LOG_NONE || log_message_handler || + severity >= kAlwaysPrintErrorLevel; +} + +int GetVlogLevelHelper(const char* file, size_t N) { + return 0; +} + +// Explicit instantiations for commonly used comparisons. +template std::string* MakeCheckOpString<int, int>( + const int&, const int&, const char* names); +template std::string* MakeCheckOpString<unsigned long, unsigned long>( + const unsigned long&, const unsigned long&, const char* names); +template std::string* MakeCheckOpString<unsigned long, unsigned int>( + const unsigned long&, const unsigned int&, const char* names); +template std::string* MakeCheckOpString<unsigned int, unsigned long>( + const unsigned int&, const unsigned long&, const char* names); +template std::string* MakeCheckOpString<std::string, std::string>( + const std::string&, const std::string&, const char* name); + +LogMessage::LogMessage(const char* file, int line, LogSeverity severity) + : severity_(severity), file_(file), line_(line) { +} + +LogMessage::LogMessage(const char* file, int line, const char* condition) + : severity_(LOG_FATAL), file_(file), line_(line) { +} + +LogMessage::LogMessage(const char* file, int line, std::string* result) + : severity_(LOG_FATAL), file_(file), line_(line) { + delete result; +} + +LogMessage::LogMessage(const char* file, int line, LogSeverity severity, + std::string* result) + : severity_(severity), file_(file), line_(line) { + delete result; +} + +LogMessage::~LogMessage() { + if (severity_ == LOG_FATAL) { + MOZ_CRASH("Hit fatal chromium sandbox condition."); + } +} + +SystemErrorCode GetLastSystemErrorCode() { +#if defined(OS_WIN) + return ::GetLastError(); +#elif defined(OS_POSIX) + return errno; +#else +#error Not implemented +#endif +} + +#if defined(OS_WIN) +Win32ErrorLogMessage::Win32ErrorLogMessage(const char* file, + int line, + LogSeverity severity, + SystemErrorCode err) + : err_(err), + log_message_(file, line, severity) { + mozilla::Unused << err_; +} + +Win32ErrorLogMessage::~Win32ErrorLogMessage() { +} +#elif defined(OS_POSIX) +ErrnoLogMessage::ErrnoLogMessage(const char* file, + int line, + LogSeverity severity, + SystemErrorCode err) + : err_(err), + log_message_(file, line, severity) { + mozilla::Unused << err_; +} + +ErrnoLogMessage::~ErrnoLogMessage() { +} +#endif // OS_WIN + +void RawLog(int level, const char* message) { +} + +} // namespace logging + +#if defined(OS_WIN) +std::ostream& std::operator<<(std::ostream& out, const wchar_t* wstr) { + return out << base::WideToUTF8(std::wstring(wstr)); +} +#endif diff --git a/security/sandbox/chromium-shim/base/logging_buildflags.h b/security/sandbox/chromium-shim/base/logging_buildflags.h new file mode 100644 index 0000000000..4c7b5451a3 --- /dev/null +++ b/security/sandbox/chromium-shim/base/logging_buildflags.h @@ -0,0 +1,20 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// This is a copy of a file that is generated by the chromium build, with
+// only the build flags we require.
+
+// Generated by build/write_buildflag_header.py
+// From "//base:logging_buildflags"
+
+#ifndef BASE_LOGGING_BUILDFLAGS_H_
+#define BASE_LOGGING_BUILDFLAGS_H_
+
+#include "build/buildflag.h"
+
+#define BUILDFLAG_INTERNAL_ENABLE_LOG_ERROR_NOT_REACHED() (0)
+
+#endif // BASE_LOGGING_BUILDFLAGS_H_
diff --git a/security/sandbox/chromium-shim/base/memory/shared_memory_tracker.h b/security/sandbox/chromium-shim/base/memory/shared_memory_tracker.h new file mode 100644 index 0000000000..0439410ebb --- /dev/null +++ b/security/sandbox/chromium-shim/base/memory/shared_memory_tracker.h @@ -0,0 +1,40 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public +* License, v. 2.0. If a copy of the MPL was not distributed with this +* file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a dummy version of Chromium source file base/memory/shared_memory_tracker.h. +// To provide a class required in base/memory/shared_memory_win.cc. +// The class is used for memory tracking and dumping, which we don't use and +// has significant dependencies. + +#ifndef BASE_MEMORY_SHARED_MEMORY_TRACKER_H_ +#define BASE_MEMORY_SHARED_MEMORY_TRACKER_H_ + +namespace base { + +// SharedMemoryTracker tracks shared memory usage. +class BASE_EXPORT SharedMemoryTracker { + public: + // Returns a singleton instance. + static SharedMemoryTracker* GetInstance() + { + static SharedMemoryTracker* instance = new SharedMemoryTracker; + return instance; + } + + void IncrementMemoryUsage(const SharedMemoryMapping& mapping) {}; + + void DecrementMemoryUsage(const SharedMemoryMapping& mapping) {}; + + private: + SharedMemoryTracker() {}; + ~SharedMemoryTracker() = default; + + DISALLOW_COPY_AND_ASSIGN(SharedMemoryTracker); +}; + +} // namespace base + +#endif // BASE_MEMORY_SHARED_MEMORY_TRACKER_H_ diff --git a/security/sandbox/chromium-shim/base/metrics/histogram_functions.h b/security/sandbox/chromium-shim/base/metrics/histogram_functions.h new file mode 100644 index 0000000000..408e51b408 --- /dev/null +++ b/security/sandbox/chromium-shim/base/metrics/histogram_functions.h @@ -0,0 +1,20 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a dummy version of Chromium source file base/metrics/histogram_functions.h. +// To provide to empty histogram functions required for compilation. +// We don't require Chromiums histogram collection code. + +#ifndef BASE_METRICS_HISTOGRAM_FUNCTIONS_H_ +#define BASE_METRICS_HISTOGRAM_FUNCTIONS_H_ + +namespace base { + +BASE_EXPORT void UmaHistogramSparse(const std::string& name, int sample) {} + +} // namespace base + +#endif // BASE_METRICS_HISTOGRAM_FUNCTIONS_H_ diff --git a/security/sandbox/chromium-shim/base/metrics/histogram_macros.h b/security/sandbox/chromium-shim/base/metrics/histogram_macros.h new file mode 100644 index 0000000000..725d7f8076 --- /dev/null +++ b/security/sandbox/chromium-shim/base/metrics/histogram_macros.h @@ -0,0 +1,16 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a dummy version of Chromium source file base/metrics/histogram_macros.h. +// To provide empty histogram macros required for compilation. +// We don't require Chromiums histogram collection code. + +#ifndef BASE_METRICS_HISTOGRAM_MACROS_H_ +#define BASE_METRICS_HISTOGRAM_MACROS_H_ + +#define UMA_HISTOGRAM_ENUMERATION(name, sample) do { } while (0) + +#endif // BASE_METRICS_HISTOGRAM_MACROS_H_ diff --git a/security/sandbox/chromium-shim/base/observer_list.h b/security/sandbox/chromium-shim/base/observer_list.h new file mode 100644 index 0000000000..1d539dacb9 --- /dev/null +++ b/security/sandbox/chromium-shim/base/observer_list.h @@ -0,0 +1,12 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a cut down version of //base/observer_list.h + +#ifndef BASE_OBSERVER_LIST_H_ +#define BASE_OBSERVER_LIST_H_ + +#endif // BASE_OBSERVER_LIST_H_ diff --git a/security/sandbox/chromium-shim/base/process/launch.h b/security/sandbox/chromium-shim/base/process/launch.h new file mode 100644 index 0000000000..5ead4b40e9 --- /dev/null +++ b/security/sandbox/chromium-shim/base/process/launch.h @@ -0,0 +1,25 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// This is a reduced version of Chromium's //base/process/launch.h
+// to satisfy compiler.
+
+#ifndef BASE_PROCESS_LAUNCH_H_
+#define BASE_PROCESS_LAUNCH_H_
+
+#include <vector>
+
+#include "base/environment.h"
+
+namespace base {
+
+#if defined(OS_WIN)
+typedef std::vector<HANDLE> HandlesToInheritVector;
+#endif
+
+} // namespace base
+
+#endif // BASE_PROCESS_LAUNCH_H_
diff --git a/security/sandbox/chromium-shim/base/process/memory_win.cpp b/security/sandbox/chromium-shim/base/process/memory_win.cpp new file mode 100644 index 0000000000..26987fc410 --- /dev/null +++ b/security/sandbox/chromium-shim/base/process/memory_win.cpp @@ -0,0 +1,17 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "base/process/memory.h" + +#include "mozilla/Assertions.h" + +namespace base { + +void TerminateBecauseOutOfMemory(size_t size) { + MOZ_CRASH("Hit base::TerminateBecauseOutOfMemory"); +} + +} // namespace base diff --git a/security/sandbox/chromium-shim/base/scoped_native_library.h b/security/sandbox/chromium-shim/base/scoped_native_library.h new file mode 100644 index 0000000000..d6fdf478ec --- /dev/null +++ b/security/sandbox/chromium-shim/base/scoped_native_library.h @@ -0,0 +1,31 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a cut down version of Chromium source file base/scoped_native_library.h +// The chromium sandbox only requires ScopedNativeLibrary class to automatically +// unload the library, which we can achieve with UniquePtr. + +#ifndef BASE_SCOPED_NATIVE_LIBRARY_H_ +#define BASE_SCOPED_NATIVE_LIBRARY_H_ + +#include "mozilla/UniquePtr.h" + +namespace base { + +struct HModuleFreePolicy +{ + typedef HMODULE pointer; + void operator()(pointer hModule) + { + ::FreeLibrary(hModule); + } +}; + +typedef mozilla::UniquePtr<HMODULE, HModuleFreePolicy> ScopedNativeLibrary; + +} // namespace base + +#endif // BASE_SCOPED_NATIVE_LIBRARY_H_ diff --git a/security/sandbox/chromium-shim/base/synchronization/synchronization_buildflags.h b/security/sandbox/chromium-shim/base/synchronization/synchronization_buildflags.h new file mode 100644 index 0000000000..4b79551541 --- /dev/null +++ b/security/sandbox/chromium-shim/base/synchronization/synchronization_buildflags.h @@ -0,0 +1,17 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a dummy version of a file that is generated by the chromium build +// from base/BUILD.gn. + +#ifndef BASE_SYNCHRONIZATION_SYNCHRONIZATION_BUILDFLAGS_H_ +#define BASE_SYNCHRONIZATION_SYNCHRONIZATION_BUILDFLAGS_H_ + +#include "build/buildflag.h" + +#define BUILDFLAG_INTERNAL_ENABLE_MUTEX_PRIORITY_INHERITANCE() (0) + +#endif // BASE_SYNCHRONIZATION_SYNCHRONIZATION_BUILDFLAGS_H_ diff --git a/security/sandbox/chromium-shim/base/third_party/nspr/prtime.h b/security/sandbox/chromium-shim/base/third_party/nspr/prtime.h new file mode 100644 index 0000000000..9a18a36376 --- /dev/null +++ b/security/sandbox/chromium-shim/base/third_party/nspr/prtime.h @@ -0,0 +1,8 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// Grab the copy from in our tree +#include "pr/include/prtime.h" diff --git a/security/sandbox/chromium-shim/base/third_party/nspr/prtypes.h b/security/sandbox/chromium-shim/base/third_party/nspr/prtypes.h new file mode 100644 index 0000000000..6aec5e08fb --- /dev/null +++ b/security/sandbox/chromium-shim/base/third_party/nspr/prtypes.h @@ -0,0 +1,8 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// Grab the copy from in our tree +#include "pr/include/prtypes.h" diff --git a/security/sandbox/chromium-shim/base/threading/platform_thread_linux.cpp b/security/sandbox/chromium-shim/base/threading/platform_thread_linux.cpp new file mode 100644 index 0000000000..aed65a06bd --- /dev/null +++ b/security/sandbox/chromium-shim/base/threading/platform_thread_linux.cpp @@ -0,0 +1,69 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a cut down version of Chromium source file base/threading/platform_thread_linux.h +// with only the functions required. It also has a dummy implementation of +// SetCurrentThreadPriorityForPlatform, which should not be called. + +#include "base/threading/platform_thread.h" + +#include "base/threading/platform_thread_internal_posix.h" + +#include "mozilla/Assertions.h" + +namespace base { +namespace internal { + +namespace { +const struct sched_param kRealTimePrio = {8}; +} // namespace + +const ThreadPriorityToNiceValuePair kThreadPriorityToNiceValueMap[4] = { + {ThreadPriority::BACKGROUND, 10}, + {ThreadPriority::NORMAL, 0}, + {ThreadPriority::DISPLAY, -8}, + {ThreadPriority::REALTIME_AUDIO, -10}, +}; + + +Optional<bool> CanIncreaseCurrentThreadPriorityForPlatform( + ThreadPriority priority) { + MOZ_CRASH(); +} + +bool SetCurrentThreadPriorityForPlatform(ThreadPriority priority) { + MOZ_CRASH(); +} + +Optional<ThreadPriority> GetCurrentThreadPriorityForPlatform() { + int maybe_sched_rr = 0; + struct sched_param maybe_realtime_prio = {0}; + if (pthread_getschedparam(pthread_self(), &maybe_sched_rr, + &maybe_realtime_prio) == 0 && + maybe_sched_rr == SCHED_RR && + maybe_realtime_prio.sched_priority == kRealTimePrio.sched_priority) { + return base::make_optional(ThreadPriority::REALTIME_AUDIO); + } + return base::nullopt; +} + +} // namespace internal + +void InitThreading() {} + +void TerminateOnThread() {} + +size_t GetDefaultThreadStackSize(const pthread_attr_t& attributes) { +#if !defined(THREAD_SANITIZER) + return 0; +#else + // ThreadSanitizer bloats the stack heavily. Evidence has been that the + // default stack size isn't enough for some browser tests. + return 2 * (1 << 23); // 2 times 8192K (the default stack size on Linux). +#endif +} + +} // namespace base diff --git a/security/sandbox/chromium-shim/base/threading/scoped_blocking_call.h b/security/sandbox/chromium-shim/base/threading/scoped_blocking_call.h new file mode 100644 index 0000000000..519850d34a --- /dev/null +++ b/security/sandbox/chromium-shim/base/threading/scoped_blocking_call.h @@ -0,0 +1,47 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a dummy version of Chromium source file +// base/threading/scoped_blocking_call.h +// To provide to a dummy ScopedBlockingCall class. This prevents dependency +// creep and we don't use the rest of the blocking call checking. + +#ifndef BASE_THREADING_SCOPED_BLOCKING_CALL_H +#define BASE_THREADING_SCOPED_BLOCKING_CALL_H + +#include "base/base_export.h" +#include "base/location.h" + +namespace base { + +enum class BlockingType { + // The call might block (e.g. file I/O that might hit in memory cache). + MAY_BLOCK, + // The call will definitely block (e.g. cache already checked and now pinging + // server synchronously). + WILL_BLOCK +}; + +class BASE_EXPORT ScopedBlockingCall { + public: + ScopedBlockingCall(const Location& from_here, BlockingType blocking_type) {}; + ~ScopedBlockingCall() {}; +}; + +namespace internal { + +class BASE_EXPORT ScopedBlockingCallWithBaseSyncPrimitives { + public: + ScopedBlockingCallWithBaseSyncPrimitives(const Location& from_here, + BlockingType blocking_type) {} + ~ScopedBlockingCallWithBaseSyncPrimitives() {}; +}; + +} // namespace internal + +} // namespace base + +#endif // BASE_THREADING_SCOPED_BLOCKING_CALL_H diff --git a/security/sandbox/chromium-shim/base/trace_event/heap_profiler_allocation_context_tracker.h b/security/sandbox/chromium-shim/base/trace_event/heap_profiler_allocation_context_tracker.h new file mode 100644 index 0000000000..bb2cca0ec4 --- /dev/null +++ b/security/sandbox/chromium-shim/base/trace_event/heap_profiler_allocation_context_tracker.h @@ -0,0 +1,32 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a dummy version of Chromium source file base/trace_event/heap_profiler_allocation_context_tracker.h. +// To provide a function required in base/threading/thread_id_name_manager.cc +// SetCurrentThreadName. We don't use the heap profiler. + +#ifndef BASE_TRACE_EVENT_HEAP_PROFILER_ALLOCATION_CONTEXT_TRACKER_H_ +#define BASE_TRACE_EVENT_HEAP_PROFILER_ALLOCATION_CONTEXT_TRACKER_H_ + +namespace base { +namespace trace_event { + +// The allocation context tracker keeps track of thread-local context for heap +// profiling. It includes a pseudo stack of trace events. On every allocation +// the tracker provides a snapshot of its context in the form of an +// |AllocationContext| that is to be stored together with the allocation +// details. +class BASE_EXPORT AllocationContextTracker { + public: + static void SetCurrentThreadName(const char* name) {} + + DISALLOW_COPY_AND_ASSIGN(AllocationContextTracker); +}; + +} // namespace trace_event +} // namespace base + +#endif // BASE_TRACE_EVENT_HEAP_PROFILER_ALLOCATION_CONTEXT_TRACKER_H_ diff --git a/security/sandbox/chromium-shim/base/tracked_objects.h b/security/sandbox/chromium-shim/base/tracked_objects.h new file mode 100644 index 0000000000..092c9533f6 --- /dev/null +++ b/security/sandbox/chromium-shim/base/tracked_objects.h @@ -0,0 +1,23 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef _SECURITY_SANDBOX_TRACKED_OBJECTS_H_ +#define _SECURITY_SANDBOX_TRACKED_OBJECTS_H_ + +#include "mozilla/Assertions.h" + +namespace tracked_objects +{ + class ThreadData + { + public: + static void InitializeThreadContext(const std::string& name) + { + MOZ_CRASH(); + } + }; +} +#endif diff --git a/security/sandbox/chromium-shim/base/win/base_win_buildflags.h b/security/sandbox/chromium-shim/base/win/base_win_buildflags.h new file mode 100644 index 0000000000..93d3e11a45 --- /dev/null +++ b/security/sandbox/chromium-shim/base/win/base_win_buildflags.h @@ -0,0 +1,17 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a dummy version of a file that is generated by the chromium build +// from base/win/BUILD.gn. + +#ifndef BASE_WIN_BASE_WIN_BUILDFLAGS_H_ +#define BASE_WIN_BASE_WIN_BUILDFLAGS_H_ + +#include "build/buildflag.h" + +#define BUILDFLAG_INTERNAL_SINGLE_MODULE_MODE_HANDLE_VERIFIER() (0) + +#endif // BASE_WIN_BASE_WIN_BUILDFLAGS_H_ diff --git a/security/sandbox/chromium-shim/base/win/registry.h b/security/sandbox/chromium-shim/base/win/registry.h new file mode 100644 index 0000000000..e5d0f26ed2 --- /dev/null +++ b/security/sandbox/chromium-shim/base/win/registry.h @@ -0,0 +1,48 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a stripped down version of Chromium source file base/win/registry.h +// Within our copy of Chromium files this is only used in base/win/windows_version.cc +// in OSInfo::processor_model_name, which we don't use. +// It is also used in GetUBR, which is used as the VersionNumber.patch, which +// again is not needed by the sandbox. + +#ifndef BASE_WIN_REGISTRY_H_ +#define BASE_WIN_REGISTRY_H_ + +#include <winerror.h> + +namespace base { +namespace win { + +class BASE_EXPORT RegKey { + public: + RegKey() {}; + RegKey(HKEY rootkey, const wchar_t* subkey, REGSAM access) {} + ~RegKey() {} + + LONG Open(HKEY rootkey, const wchar_t* subkey, REGSAM access) { + return ERROR_CANTOPEN; + } + + LONG ReadValueDW(const wchar_t* name, DWORD* out_value) const + { + return ERROR_CANTREAD; + } + + LONG ReadValue(const wchar_t* name, std::wstring* out_value) const + { + return ERROR_CANTREAD; + } + + private: + DISALLOW_COPY_AND_ASSIGN(RegKey); +}; + +} // namespace win +} // namespace base + +#endif // BASE_WIN_REGISTRY_H_ diff --git a/security/sandbox/chromium-shim/base/win/sdkdecls.h b/security/sandbox/chromium-shim/base/win/sdkdecls.h new file mode 100644 index 0000000000..02c79046e8 --- /dev/null +++ b/security/sandbox/chromium-shim/base/win/sdkdecls.h @@ -0,0 +1,379 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_ +#define _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_ + +#include <windows.h> + +// This file contains definitions required for things dynamically loaded +// while building or targetting lower platform versions or lower SDKs. + +#if (_WIN32_WINNT < 0x0602) +#define ProcThreadAttributeSecurityCapabilities 9 +#define PROC_THREAD_ATTRIBUTE_SECURITY_CAPABILITIES \ + ProcThreadAttributeValue (ProcThreadAttributeSecurityCapabilities, FALSE, TRUE, FALSE) + +#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_MASK (0x00000003 << 8) +#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_DEFER (0x00000000 << 8) +#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON (0x00000001 << 8) +#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_OFF (0x00000002 << 8) +#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON_REQ_RELOCS (0x00000003 << 8) +#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_MASK (0x00000003 << 12) +#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_DEFER (0x00000000 << 12) +#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_ALWAYS_ON (0x00000001 << 12) +#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_ALWAYS_OFF (0x00000002 << 12) +#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_RESERVED (0x00000003 << 12) +#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_MASK (0x00000003 << 16) +#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_DEFER (0x00000000 << 16) +#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_ON (0x00000001 << 16) +#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_OFF (0x00000002 << 16) +#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_RESERVED (0x00000003 << 16) +#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_MASK (0x00000003 << 20) +#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_DEFER (0x00000000 << 20) +#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_ON (0x00000001 << 20) +#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_OFF (0x00000002 << 20) +#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_RESERVED (0x00000003 << 20) +#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_MASK (0x00000003 << 24) +#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_DEFER (0x00000000 << 24) +#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_ALWAYS_ON (0x00000001 << 24) +#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_ALWAYS_OFF (0x00000002 << 24) +#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_RESERVED (0x00000003 << 24) +#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_MASK (0x00000003 << 28) +#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_DEFER (0x00000000 << 28) +#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_ALWAYS_ON (0x00000001 << 28) +#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_ALWAYS_OFF (0x00000002 << 28) +#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_RESERVED (0x00000003 << 28) +#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_MASK (0x00000003uLL << 32) +#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_DEFER (0x00000000uLL << 32) +#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_ON (0x00000001uLL << 32) +#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_OFF (0x00000002uLL << 32) +#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_RESERVED (0x00000003uLL << 32) + +typedef struct _MEMORY_PRIORITY_INFORMATION { + ULONG MemoryPriority; +} MEMORY_PRIORITY_INFORMATION, *PMEMORY_PRIORITY_INFORMATION; + +WINBASEAPI +BOOL +WINAPI +GetThreadInformation( + _In_ HANDLE hThread, + _In_ THREAD_INFORMATION_CLASS ThreadInformationClass, + _Out_writes_bytes_(ThreadInformationSize) LPVOID ThreadInformation, + _In_ DWORD ThreadInformationSize + ); + +WINBASEAPI +BOOL +WINAPI +SetThreadInformation( + _In_ HANDLE hThread, + _In_ THREAD_INFORMATION_CLASS ThreadInformationClass, + _In_reads_bytes_(ThreadInformationSize) LPVOID ThreadInformation, + _In_ DWORD ThreadInformationSize +); + +// Check if we're including >= win8 winnt.h +#ifndef NTDDI_WIN8 + +typedef struct _SECURITY_CAPABILITIES { + PSID AppContainerSid; + PSID_AND_ATTRIBUTES Capabilities; + DWORD CapabilityCount; + DWORD Reserved; +} SECURITY_CAPABILITIES, *PSECURITY_CAPABILITIES, *LPSECURITY_CAPABILITIES; + +typedef enum _PROCESS_MITIGATION_POLICY { + ProcessDEPPolicy, + ProcessASLRPolicy, + ProcessReserved1MitigationPolicy, + ProcessStrictHandleCheckPolicy, + ProcessSystemCallDisablePolicy, + ProcessMitigationOptionsMask, + ProcessExtensionPointDisablePolicy, + MaxProcessMitigationPolicy +} PROCESS_MITIGATION_POLICY, *PPROCESS_MITIGATION_POLICY; + +#define LOAD_LIBRARY_SEARCH_DEFAULT_DIRS 0x00001000 + +typedef struct _PROCESS_MITIGATION_ASLR_POLICY { + union { + DWORD Flags; + struct { + DWORD EnableBottomUpRandomization : 1; + DWORD EnableForceRelocateImages : 1; + DWORD EnableHighEntropy : 1; + DWORD DisallowStrippedImages : 1; + DWORD ReservedFlags : 28; + }; + }; +} PROCESS_MITIGATION_ASLR_POLICY, *PPROCESS_MITIGATION_ASLR_POLICY; + +typedef struct _PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY { + union { + DWORD Flags; + struct { + DWORD RaiseExceptionOnInvalidHandleReference : 1; + DWORD HandleExceptionsPermanentlyEnabled : 1; + DWORD ReservedFlags : 30; + }; + }; +} PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY, *PPROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY; + +typedef struct _PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY { + union { + DWORD Flags; + struct { + DWORD DisallowWin32kSystemCalls : 1; + DWORD ReservedFlags : 31; + }; + }; +} PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY, *PPROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY; + +typedef struct _PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY { + union { + DWORD Flags; + struct { + DWORD DisableExtensionPoints : 1; + DWORD ReservedFlags : 31; + }; + }; +} PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY, *PPROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY; + +#endif // NTDDI_WIN8 + +WINBASEAPI +BOOL +WINAPI +GetProcessMitigationPolicy( + _In_ HANDLE hProcess, + _In_ PROCESS_MITIGATION_POLICY MitigationPolicy, + _Out_writes_bytes_(dwLength) PVOID lpBuffer, + _In_ SIZE_T dwLength + ); + +WINBASEAPI +BOOL +WINAPI +SetProcessMitigationPolicy( + _In_ PROCESS_MITIGATION_POLICY MitigationPolicy, + _In_reads_bytes_(dwLength) PVOID lpBuffer, + _In_ SIZE_T dwLength + ); + +#if !defined(_USERENV_) +#define USERENVAPI DECLSPEC_IMPORT +#else +#define USERENVAPI +#endif + +USERENVAPI +HRESULT +WINAPI +CreateAppContainerProfile(_In_ PCWSTR pszAppContainerName, + _In_ PCWSTR pszDisplayName, + _In_ PCWSTR pszDescription, + _In_reads_opt_(dwCapabilityCount) + PSID_AND_ATTRIBUTES pCapabilities, + _In_ DWORD dwCapabilityCount, + _Outptr_ PSID* ppSidAppContainerSid); + +USERENVAPI +HRESULT +WINAPI +DeleteAppContainerProfile( + _In_ PCWSTR pszAppContainerName); + +USERENVAPI +HRESULT +WINAPI +GetAppContainerRegistryLocation( + _In_ REGSAM desiredAccess, + _Outptr_ PHKEY phAppContainerKey); + +USERENVAPI +HRESULT +WINAPI +GetAppContainerFolderPath( + _In_ PCWSTR pszAppContainerSid, + _Outptr_ PWSTR *ppszPath); + +USERENVAPI +HRESULT +WINAPI +DeriveAppContainerSidFromAppContainerName( + _In_ PCWSTR pszAppContainerName, + _Outptr_ PSID *ppsidAppContainerSid); + +#endif // (_WIN32_WINNT < 0x0602) + +#if (_WIN32_WINNT < 0x0603) +// +// Define dynamic code options. +// + +#define PROCESS_CREATION_MITIGATION_POLICY_PROHIBIT_DYNAMIC_CODE_MASK (0x00000003uLL << 36) +#define PROCESS_CREATION_MITIGATION_POLICY_PROHIBIT_DYNAMIC_CODE_DEFER (0x00000000uLL << 36) +#define PROCESS_CREATION_MITIGATION_POLICY_PROHIBIT_DYNAMIC_CODE_ALWAYS_ON (0x00000001uLL << 36) +#define PROCESS_CREATION_MITIGATION_POLICY_PROHIBIT_DYNAMIC_CODE_ALWAYS_OFF (0x00000002uLL << 36) +#define PROCESS_CREATION_MITIGATION_POLICY_PROHIBIT_DYNAMIC_CODE_ALWAYS_ON_ALLOW_OPT_OUT (0x00000003uLL << 36) + +// +// Define Control Flow Guard (CFG) mitigation policy options. Control Flow +// Guard allows indirect control transfers to be checked at runtime. +// + +#define PROCESS_CREATION_MITIGATION_POLICY_CONTROL_FLOW_GUARD_MASK (0x00000003uLL << 40) +#define PROCESS_CREATION_MITIGATION_POLICY_CONTROL_FLOW_GUARD_DEFER (0x00000000uLL << 40) +#define PROCESS_CREATION_MITIGATION_POLICY_CONTROL_FLOW_GUARD_ALWAYS_ON (0x00000001uLL << 40) +#define PROCESS_CREATION_MITIGATION_POLICY_CONTROL_FLOW_GUARD_ALWAYS_OFF (0x00000002uLL << 40) +#define PROCESS_CREATION_MITIGATION_POLICY_CONTROL_FLOW_GUARD_EXPORT_SUPPRESSION (0x00000003uLL << 40) + +// +// Define module signature options. When enabled, this option will +// block mapping of non-microsoft binaries. +// + +#define PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_MASK (0x00000003uLL << 44) +#define PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_DEFER (0x00000000uLL << 44) +#define PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON (0x00000001uLL << 44) +#define PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_OFF (0x00000002uLL << 44) +#define PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_RESERVED (0x00000003uLL << 44) +#endif + +#if (_WIN32_WINNT < 0x0A00) +// +// Define Font Disable Policy. When enabled, this option will +// block loading Non System Fonts. +// + +#define PROCESS_CREATION_MITIGATION_POLICY_FONT_DISABLE_MASK (0x00000003uLL << 48) +#define PROCESS_CREATION_MITIGATION_POLICY_FONT_DISABLE_DEFER (0x00000000uLL << 48) +#define PROCESS_CREATION_MITIGATION_POLICY_FONT_DISABLE_ALWAYS_ON (0x00000001uLL << 48) +#define PROCESS_CREATION_MITIGATION_POLICY_FONT_DISABLE_ALWAYS_OFF (0x00000002uLL << 48) +#define PROCESS_CREATION_MITIGATION_POLICY_AUDIT_NONSYSTEM_FONTS (0x00000003uLL << 48) + +// +// Define remote image load options. When enabled, this option will +// block mapping of images from remote devices. +// + +#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_REMOTE_MASK (0x00000003uLL << 52) +#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_REMOTE_DEFER (0x00000000uLL << 52) +#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_REMOTE_ALWAYS_ON (0x00000001uLL << 52) +#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_REMOTE_ALWAYS_OFF (0x00000002uLL << 52) +#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_REMOTE_RESERVED (0x00000003uLL << 52) + +// +// Define low IL image load options. When enabled, this option will +// block mapping of images that have the low mandatory label. +// + +#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_LOW_LABEL_MASK (0x00000003uLL << 56) +#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_LOW_LABEL_DEFER (0x00000000uLL << 56) +#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_LOW_LABEL_ALWAYS_ON (0x00000001uLL << 56) +#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_LOW_LABEL_ALWAYS_OFF (0x00000002uLL << 56) +#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_NO_LOW_LABEL_RESERVED (0x00000003uLL << 56) + +// +// Define image load options to prefer System32 images compared to +// the same images in application directory. When enabled, this option +// will prefer loading images from system32 folder. +// + +#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_PREFER_SYSTEM32_MASK (0x00000003uLL << 60) +#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_PREFER_SYSTEM32_DEFER (0x00000000uLL << 60) +#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_PREFER_SYSTEM32_ALWAYS_ON (0x00000001uLL << 60) +#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_PREFER_SYSTEM32_ALWAYS_OFF (0x00000002uLL << 60) +#define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_PREFER_SYSTEM32_RESERVED (0x00000003uLL << 60) + +// +// Define the restricted indirect branch prediction mitigation policy options. +// + +#define PROCESS_CREATION_MITIGATION_POLICY2_RESTRICT_INDIRECT_BRANCH_PREDICTION_MASK (0x00000003ui64 << 16) +#define PROCESS_CREATION_MITIGATION_POLICY2_RESTRICT_INDIRECT_BRANCH_PREDICTION_DEFER (0x00000000ui64 << 16) +#define PROCESS_CREATION_MITIGATION_POLICY2_RESTRICT_INDIRECT_BRANCH_PREDICTION_ALWAYS_ON (0x00000001ui64 << 16) +#define PROCESS_CREATION_MITIGATION_POLICY2_RESTRICT_INDIRECT_BRANCH_PREDICTION_ALWAYS_OFF (0x00000002ui64 << 16) +#define PROCESS_CREATION_MITIGATION_POLICY2_RESTRICT_INDIRECT_BRANCH_PREDICTION_RESERVED (0x00000003ui64 << 16) + +// +// Define the user-mode shadow stack mitigation policy options. +// + +#define PROCESS_CREATION_MITIGATION_POLICY2_CET_USER_SHADOW_STACKS_MASK (0x00000003ui64 << 28) +#define PROCESS_CREATION_MITIGATION_POLICY2_CET_USER_SHADOW_STACKS_DEFER (0x00000000ui64 << 28) +#define PROCESS_CREATION_MITIGATION_POLICY2_CET_USER_SHADOW_STACKS_ALWAYS_ON (0x00000001ui64 << 28) +#define PROCESS_CREATION_MITIGATION_POLICY2_CET_USER_SHADOW_STACKS_ALWAYS_OFF (0x00000002ui64 << 28) +#define PROCESS_CREATION_MITIGATION_POLICY2_CET_USER_SHADOW_STACKS_RESERVED (0x00000003ui64 << 28) +#define PROCESS_CREATION_MITIGATION_POLICY2_CET_USER_SHADOW_STACKS_STRICT_MODE (0x00000003ui64 << 28) + +// +// Define Attribute to disable creation of child process +// + +#define PROCESS_CREATION_CHILD_PROCESS_RESTRICTED 0x01 +#define PROCESS_CREATION_CHILD_PROCESS_OVERRIDE 0x02 + +// +// Define Attribute for Desktop Appx Overide. +// + +#define PROCESS_CREATION_DESKTOP_APPX_OVERRIDE 0x04 + +#define ProcThreadAttributeChildProcessPolicy 14 + +#define PROC_THREAD_ATTRIBUTE_CHILD_PROCESS_POLICY \ + ProcThreadAttributeValue (ProcThreadAttributeChildProcessPolicy, FALSE, TRUE, FALSE) + +// +// Define Attribute to opt out of matching All Application Packages +// + +#define PROCESS_CREATION_ALL_APPLICATION_PACKAGES_OPT_OUT 0x01 + +#define ProcThreadAttributeAllApplicationPackagesPolicy 15 + +#define PROC_THREAD_ATTRIBUTE_ALL_APPLICATION_PACKAGES_POLICY \ + ProcThreadAttributeValue (ProcThreadAttributeAllApplicationPackagesPolicy, FALSE, TRUE, FALSE) + +// +// Define functions declared only when _WIN32_WINNT >= 0x0A00 +// + +WINBASEAPI +BOOL +WINAPI +IsWow64Process2( + _In_ HANDLE hProcess, + _Out_ USHORT* pProcessMachine, + _Out_opt_ USHORT* pNativeMachine + ); + +WINBASEAPI +BOOL +WINAPI +IsUserCetAvailableInEnvironment( + _In_ DWORD UserCetEnvironment + ); + +#define USER_CET_ENVIRONMENT_WIN32_PROCESS 0x00000000 + +#endif // (_WIN32_WINNT < 0x0A00) + +#if defined(__MINGW32__) + +// winnt.h +#define THREAD_DYNAMIC_CODE_ALLOW 1 // Opt-out of dynamic code generation. + +// Mingw uses an old version THREAD_INFORMATION_CLASS defined in winbase.h +// where ThreadDynamicCodePolicy does not exist. +#define ThreadDynamicCodePolicy static_cast<THREAD_INFORMATION_CLASS>(2) + +#endif // defined(__MINGW32__) + +#endif // _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_ diff --git a/security/sandbox/chromium-shim/base/win/win_util.cpp b/security/sandbox/chromium-shim/base/win/win_util.cpp new file mode 100644 index 0000000000..3ea789675d --- /dev/null +++ b/security/sandbox/chromium-shim/base/win/win_util.cpp @@ -0,0 +1,42 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a partial implementation of Chromium's source file +// base/win/win_util.cc + +#include "base/win/win_util.h" + +#include "base/logging.h" +#include "base/strings/string_util.h" + +namespace base { +namespace win { + +std::wstring GetWindowObjectName(HANDLE handle) { + // Get the size of the name. + std::wstring object_name; + + DWORD size = 0; + ::GetUserObjectInformation(handle, UOI_NAME, nullptr, 0, &size); + if (!size) { + DPCHECK(false); + return object_name; + } + + LOG_ASSERT(size % sizeof(wchar_t) == 0u); + + // Query the name of the object. + if (!::GetUserObjectInformation( + handle, UOI_NAME, WriteInto(&object_name, size / sizeof(wchar_t)), + size, &size)) { + DPCHECK(false); + } + + return object_name; +} + +} // namespace win +} // namespace base diff --git a/security/sandbox/chromium-shim/base/win/win_util.h b/security/sandbox/chromium-shim/base/win/win_util.h new file mode 100644 index 0000000000..3e91e63d59 --- /dev/null +++ b/security/sandbox/chromium-shim/base/win/win_util.h @@ -0,0 +1,26 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// This is a partial implementation of Chromium's source file +// base/win/win_util.h + +#ifndef BASE_WIN_WIN_UTIL_H_ +#define BASE_WIN_WIN_UTIL_H_ + +#include <string> + +#include "base/base_export.h" + +namespace base { +namespace win { + +// Returns the name of a desktop or a window station. +BASE_EXPORT std::wstring GetWindowObjectName(HANDLE handle); + +} // namespace win +} // namespace base + +#endif // BASE_WIN_WIN_UTIL_H_ |