1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "sandbox/win/src/interceptors_64.h" 6 7 #include "sandbox/win/src/interceptors.h" 8 #include "sandbox/win/src/filesystem_interception.h" 9 #include "sandbox/win/src/named_pipe_interception.h" 10 #include "sandbox/win/src/policy_target.h" 11 #include "sandbox/win/src/process_thread_interception.h" 12 #include "sandbox/win/src/registry_interception.h" 13 #include "sandbox/win/src/sandbox_nt_types.h" 14 #include "sandbox/win/src/sandbox_types.h" 15 #include "sandbox/win/src/sync_interception.h" 16 #include "sandbox/win/src/target_interceptions.h" 17 18 namespace sandbox { 19 20 SANDBOX_INTERCEPT NtExports g_nt; 21 SANDBOX_INTERCEPT OriginalFunctions g_originals; 22 23 NTSTATUS WINAPI TargetNtMapViewOfSection64( 24 HANDLE section, HANDLE process, PVOID *base, ULONG_PTR zero_bits, 25 SIZE_T commit_size, PLARGE_INTEGER offset, PSIZE_T view_size, 26 SECTION_INHERIT inherit, ULONG allocation_type, ULONG protect) { 27 NtMapViewOfSectionFunction orig_fn = reinterpret_cast< 28 NtMapViewOfSectionFunction>(g_originals[MAP_VIEW_OF_SECTION_ID]); 29 30 return TargetNtMapViewOfSection(orig_fn, section, process, base, zero_bits, 31 commit_size, offset, view_size, inherit, 32 allocation_type, protect); 33 } 34 35 NTSTATUS WINAPI TargetNtUnmapViewOfSection64(HANDLE process, PVOID base) { 36 NtUnmapViewOfSectionFunction orig_fn = reinterpret_cast< 37 NtUnmapViewOfSectionFunction>(g_originals[UNMAP_VIEW_OF_SECTION_ID]); 38 return TargetNtUnmapViewOfSection(orig_fn, process, base); 39 } 40 41 // ----------------------------------------------------------------------- 42 43 NTSTATUS WINAPI TargetNtSetInformationThread64( 44 HANDLE thread, NT_THREAD_INFORMATION_CLASS thread_info_class, 45 PVOID thread_information, ULONG thread_information_bytes) { 46 NtSetInformationThreadFunction orig_fn = reinterpret_cast< 47 NtSetInformationThreadFunction>(g_originals[SET_INFORMATION_THREAD_ID]); 48 return TargetNtSetInformationThread(orig_fn, thread, thread_info_class, 49 thread_information, 50 thread_information_bytes); 51 } 52 53 NTSTATUS WINAPI TargetNtOpenThreadToken64( 54 HANDLE thread, ACCESS_MASK desired_access, BOOLEAN open_as_self, 55 PHANDLE token) { 56 NtOpenThreadTokenFunction orig_fn = reinterpret_cast< 57 NtOpenThreadTokenFunction>(g_originals[OPEN_THREAD_TOKEN_ID]); 58 return TargetNtOpenThreadToken(orig_fn, thread, desired_access, open_as_self, 59 token); 60 } 61 62 NTSTATUS WINAPI TargetNtOpenThreadTokenEx64( 63 HANDLE thread, ACCESS_MASK desired_access, BOOLEAN open_as_self, 64 ULONG handle_attributes, PHANDLE token) { 65 NtOpenThreadTokenExFunction orig_fn = reinterpret_cast< 66 NtOpenThreadTokenExFunction>(g_originals[OPEN_THREAD_TOKEN_EX_ID]); 67 return TargetNtOpenThreadTokenEx(orig_fn, thread, desired_access, 68 open_as_self, handle_attributes, token); 69 } 70 71 HANDLE WINAPI TargetCreateThread64( 72 LPSECURITY_ATTRIBUTES thread_attributes, SIZE_T stack_size, 73 LPTHREAD_START_ROUTINE start_address, PVOID parameter, DWORD creation_flags, 74 LPDWORD thread_id) { 75 CreateThreadFunction orig_fn = reinterpret_cast< 76 CreateThreadFunction>(g_originals[CREATE_THREAD_ID]); 77 return TargetCreateThread(orig_fn, thread_attributes, stack_size, 78 start_address, parameter, creation_flags, 79 thread_id); 80 } 81 82 LCID WINAPI TargetGetUserDefaultLCID64(void) { 83 GetUserDefaultLCIDFunction orig_fn = reinterpret_cast< 84 GetUserDefaultLCIDFunction>(g_originals[GET_USER_DEFAULT_LCID_ID]); 85 return TargetGetUserDefaultLCID(orig_fn); 86 } 87 88 // ----------------------------------------------------------------------- 89 90 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtCreateFile64( 91 PHANDLE file, ACCESS_MASK desired_access, 92 POBJECT_ATTRIBUTES object_attributes, PIO_STATUS_BLOCK io_status, 93 PLARGE_INTEGER allocation_size, ULONG file_attributes, ULONG sharing, 94 ULONG disposition, ULONG options, PVOID ea_buffer, ULONG ea_length) { 95 NtCreateFileFunction orig_fn = reinterpret_cast< 96 NtCreateFileFunction>(g_originals[CREATE_FILE_ID]); 97 return TargetNtCreateFile(orig_fn, file, desired_access, object_attributes, 98 io_status, allocation_size, file_attributes, 99 sharing, disposition, options, ea_buffer, 100 ea_length); 101 } 102 103 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenFile64( 104 PHANDLE file, ACCESS_MASK desired_access, 105 POBJECT_ATTRIBUTES object_attributes, PIO_STATUS_BLOCK io_status, 106 ULONG sharing, ULONG options) { 107 NtOpenFileFunction orig_fn = reinterpret_cast< 108 NtOpenFileFunction>(g_originals[OPEN_FILE_ID]); 109 return TargetNtOpenFile(orig_fn, file, desired_access, object_attributes, 110 io_status, sharing, options); 111 } 112 113 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtQueryAttributesFile64( 114 POBJECT_ATTRIBUTES object_attributes, 115 PFILE_BASIC_INFORMATION file_attributes) { 116 NtQueryAttributesFileFunction orig_fn = reinterpret_cast< 117 NtQueryAttributesFileFunction>(g_originals[QUERY_ATTRIB_FILE_ID]); 118 return TargetNtQueryAttributesFile(orig_fn, object_attributes, 119 file_attributes); 120 } 121 122 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtQueryFullAttributesFile64( 123 POBJECT_ATTRIBUTES object_attributes, 124 PFILE_NETWORK_OPEN_INFORMATION file_attributes) { 125 NtQueryFullAttributesFileFunction orig_fn = reinterpret_cast< 126 NtQueryFullAttributesFileFunction>( 127 g_originals[QUERY_FULL_ATTRIB_FILE_ID]); 128 return TargetNtQueryFullAttributesFile(orig_fn, object_attributes, 129 file_attributes); 130 } 131 132 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtSetInformationFile64( 133 HANDLE file, PIO_STATUS_BLOCK io_status, PVOID file_information, 134 ULONG length, FILE_INFORMATION_CLASS file_information_class) { 135 NtSetInformationFileFunction orig_fn = reinterpret_cast< 136 NtSetInformationFileFunction>(g_originals[SET_INFO_FILE_ID]); 137 return TargetNtSetInformationFile(orig_fn, file, io_status, file_information, 138 length, file_information_class); 139 } 140 141 // ----------------------------------------------------------------------- 142 143 SANDBOX_INTERCEPT HANDLE WINAPI TargetCreateNamedPipeW64( 144 LPCWSTR pipe_name, DWORD open_mode, DWORD pipe_mode, DWORD max_instance, 145 DWORD out_buffer_size, DWORD in_buffer_size, DWORD default_timeout, 146 LPSECURITY_ATTRIBUTES security_attributes) { 147 CreateNamedPipeWFunction orig_fn = reinterpret_cast< 148 CreateNamedPipeWFunction>(g_originals[CREATE_NAMED_PIPE_ID]); 149 return TargetCreateNamedPipeW(orig_fn, pipe_name, open_mode, pipe_mode, 150 max_instance, out_buffer_size, in_buffer_size, 151 default_timeout, security_attributes); 152 } 153 154 // ----------------------------------------------------------------------- 155 156 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenThread64( 157 PHANDLE thread, ACCESS_MASK desired_access, 158 POBJECT_ATTRIBUTES object_attributes, PCLIENT_ID client_id) { 159 NtOpenThreadFunction orig_fn = reinterpret_cast< 160 NtOpenThreadFunction>(g_originals[OPEN_TREAD_ID]); 161 return TargetNtOpenThread(orig_fn, thread, desired_access, object_attributes, 162 client_id); 163 } 164 165 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcess64( 166 PHANDLE process, ACCESS_MASK desired_access, 167 POBJECT_ATTRIBUTES object_attributes, PCLIENT_ID client_id) { 168 NtOpenProcessFunction orig_fn = reinterpret_cast< 169 NtOpenProcessFunction>(g_originals[OPEN_PROCESS_ID]); 170 return TargetNtOpenProcess(orig_fn, process, desired_access, 171 object_attributes, client_id); 172 } 173 174 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcessToken64( 175 HANDLE process, ACCESS_MASK desired_access, PHANDLE token) { 176 NtOpenProcessTokenFunction orig_fn = reinterpret_cast< 177 NtOpenProcessTokenFunction>(g_originals[OPEN_PROCESS_TOKEN_ID]); 178 return TargetNtOpenProcessToken(orig_fn, process, desired_access, token); 179 } 180 181 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcessTokenEx64( 182 HANDLE process, ACCESS_MASK desired_access, ULONG handle_attributes, 183 PHANDLE token) { 184 NtOpenProcessTokenExFunction orig_fn = reinterpret_cast< 185 NtOpenProcessTokenExFunction>(g_originals[OPEN_PROCESS_TOKEN_EX_ID]); 186 return TargetNtOpenProcessTokenEx(orig_fn, process, desired_access, 187 handle_attributes, token); 188 } 189 190 SANDBOX_INTERCEPT BOOL WINAPI TargetCreateProcessW64( 191 LPCWSTR application_name, LPWSTR command_line, 192 LPSECURITY_ATTRIBUTES process_attributes, 193 LPSECURITY_ATTRIBUTES thread_attributes, BOOL inherit_handles, DWORD flags, 194 LPVOID environment, LPCWSTR current_directory, LPSTARTUPINFOW startup_info, 195 LPPROCESS_INFORMATION process_information) { 196 CreateProcessWFunction orig_fn = reinterpret_cast< 197 CreateProcessWFunction>(g_originals[CREATE_PROCESSW_ID]); 198 return TargetCreateProcessW(orig_fn, application_name, command_line, 199 process_attributes, thread_attributes, 200 inherit_handles, flags, environment, 201 current_directory, startup_info, 202 process_information); 203 } 204 205 SANDBOX_INTERCEPT BOOL WINAPI TargetCreateProcessA64( 206 LPCSTR application_name, LPSTR command_line, 207 LPSECURITY_ATTRIBUTES process_attributes, 208 LPSECURITY_ATTRIBUTES thread_attributes, BOOL inherit_handles, DWORD flags, 209 LPVOID environment, LPCSTR current_directory, LPSTARTUPINFOA startup_info, 210 LPPROCESS_INFORMATION process_information) { 211 CreateProcessAFunction orig_fn = reinterpret_cast< 212 CreateProcessAFunction>(g_originals[CREATE_PROCESSA_ID]); 213 return TargetCreateProcessA(orig_fn, application_name, command_line, 214 process_attributes, thread_attributes, 215 inherit_handles, flags, environment, 216 current_directory, startup_info, 217 process_information); 218 } 219 220 // ----------------------------------------------------------------------- 221 222 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtCreateKey64( 223 PHANDLE key, ACCESS_MASK desired_access, 224 POBJECT_ATTRIBUTES object_attributes, ULONG title_index, 225 PUNICODE_STRING class_name, ULONG create_options, PULONG disposition) { 226 NtCreateKeyFunction orig_fn = reinterpret_cast< 227 NtCreateKeyFunction>(g_originals[CREATE_KEY_ID]); 228 return TargetNtCreateKey(orig_fn, key, desired_access, object_attributes, 229 title_index, class_name, create_options, 230 disposition); 231 } 232 233 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenKey64( 234 PHANDLE key, ACCESS_MASK desired_access, 235 POBJECT_ATTRIBUTES object_attributes) { 236 NtOpenKeyFunction orig_fn = reinterpret_cast< 237 NtOpenKeyFunction>(g_originals[OPEN_KEY_ID]); 238 return TargetNtOpenKey(orig_fn, key, desired_access, object_attributes); 239 } 240 241 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenKeyEx64( 242 PHANDLE key, ACCESS_MASK desired_access, 243 POBJECT_ATTRIBUTES object_attributes, ULONG open_options) { 244 NtOpenKeyExFunction orig_fn = reinterpret_cast< 245 NtOpenKeyExFunction>(g_originals[OPEN_KEY_EX_ID]); 246 return TargetNtOpenKeyEx(orig_fn, key, desired_access, object_attributes, 247 open_options); 248 } 249 250 // ----------------------------------------------------------------------- 251 252 SANDBOX_INTERCEPT HANDLE WINAPI TargetCreateEventW64( 253 LPSECURITY_ATTRIBUTES security_attributes, BOOL manual_reset, 254 BOOL initial_state, LPCWSTR name) { 255 CreateEventWFunction orig_fn = reinterpret_cast< 256 CreateEventWFunction>(g_originals[CREATE_EVENT_ID]); 257 return TargetCreateEventW(orig_fn, security_attributes, manual_reset, 258 initial_state, name); 259 } 260 261 SANDBOX_INTERCEPT HANDLE WINAPI TargetOpenEventW64( 262 ACCESS_MASK desired_access, BOOL inherit_handle, LPCWSTR name) { 263 OpenEventWFunction orig_fn = reinterpret_cast< 264 OpenEventWFunction>(g_originals[OPEN_EVENT_ID]); 265 return TargetOpenEventW(orig_fn, desired_access, inherit_handle, name); 266 } 267 268 } // namespace sandbox 269
