rlz/win/lib/rlz_lib_win.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4 //
   5 // A library to manage RLZ information for access-points shared
   6 // across different client applications.
   7
   8 #include "rlz/win/lib/rlz_lib.h"
   9
  10 #include <windows.h>
  11 #include <aclapi.h>
  12 #include <winerror.h>
  13
  14 #include "base/basictypes.h"
  15 #include "base/win/registry.h"
  16 #include "base/win/windows_version.h"
  17 #include "rlz/lib/assert.h"
  18 #include "rlz/lib/rlz_value_store.h"
  19 #include "rlz/win/lib/machine_deal.h"
  20 #include "rlz/win/lib/rlz_value_store_registry.h"
  21
  22 namespace {
  23
  24 // Path to recursively copy into the replacemment hives.  These are needed
  25 // to make sure certain win32 APIs continue to run correctly once the real
  26 // hives are replaced.
  27 const wchar_t* kHKLMAccessProviders =
  28     L"System\\CurrentControlSet\\Control\\Lsa\\AccessProviders";
  29
  30 // Helper functions
  31
  32 void CopyRegistryTree(const base::win::RegKey& src, base::win::RegKey* dest) {
  33   // First copy values.
  34   for (base::win::RegistryValueIterator i(src.Handle(), L"");
  35        i.Valid(); ++i) {
  36     dest->WriteValue(i.Name(), reinterpret_cast<const void*>(i.Value()),
  37                      i.ValueSize(), i.Type());
  38   }
  39
  40   // Next copy subkeys recursively.
  41   for (base::win::RegistryKeyIterator i(src.Handle(), L"");
  42        i.Valid(); ++i) {
  43     base::win::RegKey subkey(dest->Handle(), i.Name(), KEY_ALL_ACCESS);
  44     CopyRegistryTree(base::win::RegKey(src.Handle(), i.Name(), KEY_READ),
  45                      &subkey);
  46   }
  47 }
  48
  49 }  // namespace anonymous
  50
  51
  52 namespace rlz_lib {
  53
  54 // OEM Deal confirmation storage functions.
  55
  56 template<class T>
  57 class typed_buffer_ptr {
  58   scoped_ptr<char[]> buffer_;
  59
  60  public:
  61   typed_buffer_ptr() {
  62   }
  63
  64   explicit typed_buffer_ptr(size_t size) : buffer_(new char[size]) {
  65   }
  66
  67   void reset(size_t size) {
  68     buffer_.reset(new char[size]);
  69   }
  70
  71   operator T*() {
  72     return reinterpret_cast<T*>(buffer_.get());
  73   }
  74 };
  75
  76 // Check if this SID has the desired access by scanning the ACEs in the DACL.
  77 // This function is part of the rlz_lib namespace so that it can be called from
  78 // unit tests.  Non-unit test code should not call this function.
  79 bool HasAccess(PSID sid, ACCESS_MASK access_mask, ACL* dacl) {
  80   if (dacl == NULL)
  81     return false;
  82
  83   ACL_SIZE_INFORMATION info;
  84   if (!GetAclInformation(dacl, &info, sizeof(info), AclSizeInformation))
  85     return false;
  86
  87   GENERIC_MAPPING generic_mapping = {KEY_READ, KEY_WRITE, KEY_EXECUTE,
  88                                      KEY_ALL_ACCESS};
  89   MapGenericMask(&access_mask, &generic_mapping);
  90
  91   for (DWORD i = 0; i < info.AceCount; ++i) {
  92     ACCESS_ALLOWED_ACE* ace;
  93     if (GetAce(dacl, i, reinterpret_cast<void**>(&ace))) {
  94       if ((ace->Header.AceFlags & INHERIT_ONLY_ACE) == INHERIT_ONLY_ACE)
  95         continue;
  96
  97       PSID existing_sid = reinterpret_cast<PSID>(&ace->SidStart);
  98       DWORD mask = ace->Mask;
  99       MapGenericMask(&mask, &generic_mapping);
 100
 101       if (ace->Header.AceType == ACCESS_ALLOWED_ACE_TYPE &&
 102          (mask & access_mask) == access_mask && EqualSid(existing_sid, sid))
 103         return true;
 104
 105       if (ace->Header.AceType == ACCESS_DENIED_ACE_TYPE &&
 106          (mask & access_mask) != 0 && EqualSid(existing_sid, sid))
 107         return false;
 108     }
 109   }
 110
 111   return false;
 112 }
 113
 114 bool CreateMachineState() {
 115   LibMutex lock;
 116   if (lock.failed())
 117     return false;
 118
 119   base::win::RegKey hklm_key;
 120   if (hklm_key.Create(HKEY_LOCAL_MACHINE,
 121                       RlzValueStoreRegistry::GetWideLibKeyName().c_str(),
 122                       KEY_ALL_ACCESS | KEY_WOW64_32KEY) != ERROR_SUCCESS) {
 123     ASSERT_STRING("rlz_lib::CreateMachineState: "
 124                   "Unable to create / open machine key.");
 125     return false;
 126   }
 127
 128   // Create a SID that represents ALL USERS.
 129   DWORD users_sid_size = SECURITY_MAX_SID_SIZE;
 130   typed_buffer_ptr<SID> users_sid(users_sid_size);
 131   CreateWellKnownSid(WinBuiltinUsersSid, NULL, users_sid, &users_sid_size);
 132
 133   // Get the security descriptor for the registry key.
 134   DWORD original_sd_size = 0;
 135   ::RegGetKeySecurity(hklm_key.Handle(), DACL_SECURITY_INFORMATION, NULL,
 136       &original_sd_size);
 137   typed_buffer_ptr<SECURITY_DESCRIPTOR> original_sd(original_sd_size);
 138
 139   LONG result = ::RegGetKeySecurity(hklm_key.Handle(),
 140       DACL_SECURITY_INFORMATION, original_sd, &original_sd_size);
 141   if (result != ERROR_SUCCESS) {
 142     ASSERT_STRING("rlz_lib::CreateMachineState: "
 143                   "Unable to create / open machine key.");
 144     return false;
 145   }
 146
 147   // Make a copy of the security descriptor so we can modify it.  The one
 148   // returned by RegGetKeySecurity() is self-relative, so we need to make it
 149   // absolute.
 150   DWORD new_sd_size = 0;
 151   DWORD dacl_size = 0;
 152   DWORD sacl_size = 0;
 153   DWORD owner_size = 0;
 154   DWORD group_size = 0;
 155   ::MakeAbsoluteSD(original_sd, NULL, &new_sd_size, NULL, &dacl_size,
 156                         NULL, &sacl_size, NULL, &owner_size,
 157                         NULL, &group_size);
 158
 159   typed_buffer_ptr<SECURITY_DESCRIPTOR> new_sd(new_sd_size);
 160   // Make sure the DACL is big enough to add one more ACE.
 161   typed_buffer_ptr<ACL> dacl(dacl_size + SECURITY_MAX_SID_SIZE);
 162   typed_buffer_ptr<ACL> sacl(sacl_size);
 163   typed_buffer_ptr<SID> owner(owner_size);
 164   typed_buffer_ptr<SID> group(group_size);
 165
 166   if (!::MakeAbsoluteSD(original_sd, new_sd, &new_sd_size, dacl, &dacl_size,
 167                         sacl, &sacl_size, owner, &owner_size,
 168                         group, &group_size)) {
 169     ASSERT_STRING("rlz_lib::CreateMachineState: MakeAbsoluteSD failed");
 170     return false;
 171   }
 172
 173   // If all users already have read/write access to the registry key, then
 174   // nothing to do.  Otherwise change the security descriptor of the key to
 175   // give everyone access.
 176   if (HasAccess(users_sid, KEY_ALL_ACCESS, dacl)) {
 177     return false;
 178   }
 179
 180   // Add ALL-USERS ALL-ACCESS ACL.
 181   EXPLICIT_ACCESS ea;
 182   ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS));
 183   ea.grfAccessPermissions = GENERIC_ALL | KEY_ALL_ACCESS;
 184   ea.grfAccessMode = GRANT_ACCESS;
 185   ea.grfInheritance= SUB_CONTAINERS_AND_OBJECTS_INHERIT;
 186   ea.Trustee.TrusteeForm = TRUSTEE_IS_NAME;
 187   ea.Trustee.ptstrName = L"Everyone";
 188
 189   ACL* new_dacl = NULL;
 190   result = SetEntriesInAcl(1, &ea, dacl, &new_dacl);
 191   if (result != ERROR_SUCCESS) {
 192     ASSERT_STRING("rlz_lib::CreateMachineState: SetEntriesInAcl failed");
 193     return false;
 194   }
 195
 196   BOOL ok = SetSecurityDescriptorDacl(new_sd, TRUE, new_dacl, FALSE);
 197   if (!ok) {
 198     ASSERT_STRING("rlz_lib::CreateMachineState: "
 199                   "SetSecurityDescriptorOwner failed");
 200     LocalFree(new_dacl);
 201     return false;
 202   }
 203
 204   result = ::RegSetKeySecurity(hklm_key.Handle(),
 205                                DACL_SECURITY_INFORMATION,
 206                                new_sd);
 207   // Note that the new DACL cannot be freed until after the call to
 208   // RegSetKeySecurity().
 209   LocalFree(new_dacl);
 210
 211   bool success = true;
 212   if (result != ERROR_SUCCESS) {
 213     ASSERT_STRING("rlz_lib::CreateMachineState: "
 214                   "Unable to create / open machine key.");
 215     success = false;
 216   }
 217
 218
 219   return success;
 220 }
 221
 222 bool SetMachineDealCode(const char* dcc) {
 223   return MachineDealCode::Set(dcc);
 224 }
 225
 226 bool GetMachineDealCodeAsCgi(char* cgi, size_t cgi_size) {
 227   return MachineDealCode::GetAsCgi(cgi, cgi_size);
 228 }
 229
 230 bool GetMachineDealCode(char* dcc, size_t dcc_size) {
 231   return MachineDealCode::Get(dcc, dcc_size);
 232 }
 233
 234 // Combined functions.
 235
 236 bool SetMachineDealCodeFromPingResponse(const char* response) {
 237   return MachineDealCode::SetFromPingResponse(response);
 238 }
 239
 240 void InitializeTempHivesForTesting(const base::win::RegKey& temp_hklm_key,
 241                                    const base::win::RegKey& temp_hkcu_key) {
 242   // For the moment, the HKCU hive requires no initialization.
 243
 244   if (base::win::GetVersion() >= base::win::VERSION_WIN7) {
 245     // Copy the following HKLM subtrees to the temporary location so that the
 246     // win32 APIs used by the tests continue to work:
 247     //
 248     //    HKLM\System\CurrentControlSet\Control\Lsa\AccessProviders
 249     //
 250     // This seems to be required since Win7.
 251     base::win::RegKey dest(temp_hklm_key.Handle(), kHKLMAccessProviders,
 252                            KEY_ALL_ACCESS);
 253     CopyRegistryTree(base::win::RegKey(HKEY_LOCAL_MACHINE,
 254                                        kHKLMAccessProviders,
 255                                        KEY_READ),
 256                      &dest);
 257   }
 258 }
 259
 260 }  // namespace rlz_lib