Add ICU message format support
[chromium-blink-merge.git] / sandbox / win / src / process_mitigations_test.cc
blob78f730bc385bfda75dd9e49a549e34979de535b8
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "base/strings/stringprintf.h"
6 #include "base/win/scoped_handle.h"
8 #include "base/win/windows_version.h"
9 #include "sandbox/win/src/nt_internals.h"
10 #include "sandbox/win/src/process_mitigations.h"
11 #include "sandbox/win/src/sandbox.h"
12 #include "sandbox/win/src/sandbox_factory.h"
13 #include "sandbox/win/src/target_services.h"
14 #include "sandbox/win/src/win_utils.h"
15 #include "sandbox/win/tests/common/controller.h"
16 #include "testing/gtest/include/gtest/gtest.h"
18 namespace {
20 typedef BOOL (WINAPI *GetProcessDEPPolicyFunction)(
21 HANDLE process,
22 LPDWORD flags,
23 PBOOL permanent);
25 typedef BOOL (WINAPI *GetProcessMitigationPolicyFunction)(
26 HANDLE process,
27 PROCESS_MITIGATION_POLICY mitigation_policy,
28 PVOID buffer,
29 SIZE_T length);
31 GetProcessMitigationPolicyFunction get_process_mitigation_policy;
33 bool CheckWin8DepPolicy() {
34 PROCESS_MITIGATION_DEP_POLICY policy = {};
35 if (!get_process_mitigation_policy(::GetCurrentProcess(), ProcessDEPPolicy,
36 &policy, sizeof(policy))) {
37 return false;
39 return policy.Enable && policy.Permanent;
42 #if defined(NDEBUG)
43 bool CheckWin8AslrPolicy() {
44 PROCESS_MITIGATION_ASLR_POLICY policy = {};
45 if (!get_process_mitigation_policy(::GetCurrentProcess(), ProcessASLRPolicy,
46 &policy, sizeof(policy))) {
47 return false;
49 return policy.EnableForceRelocateImages && policy.DisallowStrippedImages;
51 #endif // defined(NDEBUG)
53 bool CheckWin8StrictHandlePolicy() {
54 PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY policy = {};
55 if (!get_process_mitigation_policy(::GetCurrentProcess(),
56 ProcessStrictHandleCheckPolicy,
57 &policy, sizeof(policy))) {
58 return false;
60 return policy.RaiseExceptionOnInvalidHandleReference &&
61 policy.HandleExceptionsPermanentlyEnabled;
64 bool CheckWin8Win32CallPolicy() {
65 PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY policy = {};
66 if (!get_process_mitigation_policy(::GetCurrentProcess(),
67 ProcessSystemCallDisablePolicy,
68 &policy, sizeof(policy))) {
69 return false;
71 return policy.DisallowWin32kSystemCalls;
74 bool CheckWin8DllExtensionPolicy() {
75 PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY policy = {};
76 if (!get_process_mitigation_policy(::GetCurrentProcess(),
77 ProcessExtensionPointDisablePolicy,
78 &policy, sizeof(policy))) {
79 return false;
81 return policy.DisableExtensionPoints;
84 } // namespace
86 namespace sandbox {
88 SBOX_TESTS_COMMAND int CheckWin8(int argc, wchar_t **argv) {
89 get_process_mitigation_policy =
90 reinterpret_cast<GetProcessMitigationPolicyFunction>(
91 ::GetProcAddress(::GetModuleHandleW(L"kernel32.dll"),
92 "GetProcessMitigationPolicy"));
93 if (!get_process_mitigation_policy)
94 return SBOX_TEST_NOT_FOUND;
96 #if !defined(_WIN64) // DEP is always enabled on 64-bit.
97 if (!CheckWin8DepPolicy())
98 return SBOX_TEST_FIRST_ERROR;
99 #endif
101 #if defined(NDEBUG) // ASLR cannot be forced in debug builds.
102 if (!CheckWin8AslrPolicy())
103 return SBOX_TEST_SECOND_ERROR;
104 #endif
106 if (!CheckWin8StrictHandlePolicy())
107 return SBOX_TEST_THIRD_ERROR;
109 if (!CheckWin8DllExtensionPolicy())
110 return SBOX_TEST_FIFTH_ERROR;
112 return SBOX_TEST_SUCCEEDED;
115 TEST(ProcessMitigationsTest, CheckWin8) {
116 if (base::win::GetVersion() < base::win::VERSION_WIN8)
117 return;
119 TestRunner runner;
120 sandbox::TargetPolicy* policy = runner.GetPolicy();
122 sandbox::MitigationFlags mitigations = MITIGATION_DEP |
123 MITIGATION_DEP_NO_ATL_THUNK |
124 MITIGATION_EXTENSION_DLL_DISABLE;
125 #if defined(NDEBUG) // ASLR cannot be forced in debug builds.
126 mitigations |= MITIGATION_RELOCATE_IMAGE |
127 MITIGATION_RELOCATE_IMAGE_REQUIRED;
128 #endif
130 EXPECT_EQ(policy->SetProcessMitigations(mitigations), SBOX_ALL_OK);
132 mitigations |= MITIGATION_STRICT_HANDLE_CHECKS;
134 EXPECT_EQ(policy->SetDelayedProcessMitigations(mitigations), SBOX_ALL_OK);
136 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"CheckWin8"));
140 SBOX_TESTS_COMMAND int CheckDep(int argc, wchar_t **argv) {
141 GetProcessDEPPolicyFunction get_process_dep_policy =
142 reinterpret_cast<GetProcessDEPPolicyFunction>(
143 ::GetProcAddress(::GetModuleHandleW(L"kernel32.dll"),
144 "GetProcessDEPPolicy"));
145 if (get_process_dep_policy) {
146 BOOL is_permanent = FALSE;
147 DWORD dep_flags = 0;
149 if (!get_process_dep_policy(::GetCurrentProcess(), &dep_flags,
150 &is_permanent)) {
151 return SBOX_TEST_FIRST_ERROR;
154 if (!(dep_flags & PROCESS_DEP_ENABLE) || !is_permanent)
155 return SBOX_TEST_SECOND_ERROR;
157 } else {
158 NtQueryInformationProcessFunction query_information_process = NULL;
159 ResolveNTFunctionPtr("NtQueryInformationProcess",
160 &query_information_process);
161 if (!query_information_process)
162 return SBOX_TEST_NOT_FOUND;
164 ULONG size = 0;
165 ULONG dep_flags = 0;
166 if (!SUCCEEDED(query_information_process(::GetCurrentProcess(),
167 ProcessExecuteFlags, &dep_flags,
168 sizeof(dep_flags), &size))) {
169 return SBOX_TEST_THIRD_ERROR;
172 static const int MEM_EXECUTE_OPTION_DISABLE = 2;
173 static const int MEM_EXECUTE_OPTION_PERMANENT = 8;
174 dep_flags &= 0xff;
176 if (dep_flags != (MEM_EXECUTE_OPTION_DISABLE |
177 MEM_EXECUTE_OPTION_PERMANENT)) {
178 return SBOX_TEST_FOURTH_ERROR;
182 return SBOX_TEST_SUCCEEDED;
185 #if !defined(_WIN64) // DEP is always enabled on 64-bit.
186 TEST(ProcessMitigationsTest, CheckDep) {
187 if (base::win::GetVersion() > base::win::VERSION_WIN7)
188 return;
190 TestRunner runner;
191 sandbox::TargetPolicy* policy = runner.GetPolicy();
193 EXPECT_EQ(policy->SetProcessMitigations(
194 MITIGATION_DEP |
195 MITIGATION_DEP_NO_ATL_THUNK |
196 MITIGATION_SEHOP),
197 SBOX_ALL_OK);
198 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"CheckDep"));
200 #endif
202 SBOX_TESTS_COMMAND int CheckWin8Lockdown(int argc, wchar_t **argv) {
203 get_process_mitigation_policy =
204 reinterpret_cast<GetProcessMitigationPolicyFunction>(
205 ::GetProcAddress(::GetModuleHandleW(L"kernel32.dll"),
206 "GetProcessMitigationPolicy"));
207 if (!get_process_mitigation_policy)
208 return SBOX_TEST_NOT_FOUND;
210 if (!CheckWin8Win32CallPolicy())
211 return SBOX_TEST_FIRST_ERROR;
212 return SBOX_TEST_SUCCEEDED;
215 // This test validates that setting the MITIGATION_WIN32K_DISABLE mitigation on
216 // the target process causes the launch to fail in process initialization.
217 // The test process itself links against user32/gdi32.
218 TEST(ProcessMitigationsTest, CheckWin8Win32KLockDownFailure) {
219 if (base::win::GetVersion() < base::win::VERSION_WIN8)
220 return;
222 TestRunner runner;
223 sandbox::TargetPolicy* policy = runner.GetPolicy();
225 EXPECT_EQ(policy->SetProcessMitigations(MITIGATION_WIN32K_DISABLE),
226 SBOX_ALL_OK);
227 EXPECT_NE(SBOX_TEST_SUCCEEDED, runner.RunTest(L"CheckWin8Lockdown"));
230 // This test validates that setting the MITIGATION_WIN32K_DISABLE mitigation
231 // along with the policy to fake user32 and gdi32 initialization successfully
232 // launches the target process.
233 // The test process itself links against user32/gdi32.
234 TEST(ProcessMitigationsTest, CheckWin8Win32KLockDownSuccess) {
235 if (base::win::GetVersion() < base::win::VERSION_WIN8)
236 return;
238 TestRunner runner;
239 sandbox::TargetPolicy* policy = runner.GetPolicy();
241 EXPECT_EQ(policy->SetProcessMitigations(MITIGATION_WIN32K_DISABLE),
242 SBOX_ALL_OK);
243 EXPECT_EQ(policy->AddRule(sandbox::TargetPolicy::SUBSYS_WIN32K_LOCKDOWN,
244 sandbox::TargetPolicy::FAKE_USER_GDI_INIT, NULL),
245 sandbox::SBOX_ALL_OK);
246 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"CheckWin8Lockdown"));
249 } // namespace sandbox