[chromium-blink-merge.git] / sandbox / win / src / service_resolver.h
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef SANDBOX_SRC_SERVICE_RESOLVER_H__
6 #define SANDBOX_SRC_SERVICE_RESOLVER_H__
8 #include "sandbox/win/src/nt_internals.h"
9 #include "sandbox/win/src/resolver.h"
11 namespace sandbox {
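// This is the concrete resolver used to perform service-call type functions
// inside ntdll.dll.
//
// The resolver checks that the target looks like a service call
// (IsFunctionAService), keeps the original code in the first part of a thunk,
// and patches the target (PerformPatch) using thunk memory allocated on the
// child process. The platform variants declared later in this file override
// only IsFunctionAService.
class ServiceResolverThunk : public ResolverThunk {
 public:
  // The service resolver needs a child process to write to.
  // |process| is only stored: the destructor below is empty, so this class
  // never closes the handle and ownership stays with the caller.
  // |relaxed| allows patching functions that are already patched (see
  // relaxed_).
  ServiceResolverThunk(HANDLE process, bool relaxed)
      : ntdll_base_(nullptr),
        process_(process),
        relaxed_(relaxed),
        relative_jump_(0) {}
  ~ServiceResolverThunk() override {}

  // Implementation of Resolver::Setup.
  // |storage_bytes| is the size of |thunk_storage|; |storage_used| is an
  // output parameter.
  // NOTE(review): whether |thunk_storage| lives in the child process is not
  // visible from this header; confirm against the implementation.
  NTSTATUS Setup(const void* target_module,
                 const void* interceptor_module,
                 const char* target_name,
                 const char* interceptor_name,
                 const void* interceptor_entry_point,
                 void* thunk_storage,
                 size_t storage_bytes,
                 size_t* storage_used) override;

  // Implementation of Resolver::ResolveInterceptor.
  NTSTATUS ResolveInterceptor(const void* module,
                              const char* function_name,
                              const void** address) override;

  // Implementation of Resolver::ResolveTarget.
  NTSTATUS ResolveTarget(const void* module,
                         const char* function_name,
                         void** address) override;

  // Implementation of Resolver::GetThunkSize.
  size_t GetThunkSize() const override;

  // Call this to set up ntdll_base_ which will allow for local patches.
  // According to the comment on ntdll_base_, this exists for the unit test.
  virtual void AllowLocalPatches();

  // Verifies that the function specified by |target_name| in |target_module| is
  // a service and copies the data from that function into |thunk_storage|. If
  // |storage_bytes| is too small, then the method fails.
  virtual NTSTATUS CopyThunk(const void* target_module,
                             const char* target_name,
                             BYTE* thunk_storage,
                             size_t storage_bytes,
                             size_t* storage_used);

 protected:
  // The unit test will use this member to allow local patch on a buffer.
  // Initialized to null by the constructor.
  HMODULE ntdll_base_;

  // Handle of the child process. Not closed by this class.
  HANDLE process_;

 private:
  // Returns true if the code pointed to by target_ corresponds to the expected
  // type of function. Saves that code on the first part of the thunk pointed
  // to by local_thunk (should be directly accessible from the parent).
  virtual bool IsFunctionAService(void* local_thunk) const;

  // Performs the actual patch of target_.
  // local_thunk must be already fully initialized, and the first part must
  // contain the original code. The real type of this buffer is ServiceFullThunk
  // (yes, private). remote_thunk (real type ServiceFullThunk), must be
  // allocated on the child, and will contain the thunk data, after this call.
  // Returns the appropriate status code.
  virtual NTSTATUS PerformPatch(void* local_thunk, void* remote_thunk);

  // Provides basically the same functionality as IsFunctionAService but it
  // continues even if it does not recognize the function code. remote_thunk
  // is the address of our memory on the child.
  // NOTE(review): because unrecognized code is accepted here, this path skips
  // the check that the target is a service stub. It is presumably reached
  // only when relaxed_ is set; confirm in the implementation.
  bool SaveOriginalFunction(void* local_thunk, void* remote_thunk);

  // true if we are allowed to patch already-patched functions.
  bool relaxed_;

  // NOTE(review): not documented in this header. Zero-initialized by the
  // constructor; its meaning is defined by the implementation file.
  ULONG relative_jump_;

  DISALLOW_COPY_AND_ASSIGN(ServiceResolverThunk);
};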
// Resolver for service-call type functions inside ntdll.dll when running on
// WOW64 (32 bit ntdll on 64 bit Vista). Only the check that recognizes a
// service function is overridden; everything else comes from
// ServiceResolverThunk.
class Wow64ResolverThunk : public ServiceResolverThunk {
 public:
  // |process| is the child process the resolver writes to. Both arguments are
  // forwarded unchanged to ServiceResolverThunk.
  Wow64ResolverThunk(HANDLE process, bool relaxed)
      : ServiceResolverThunk(process, relaxed) {}
  ~Wow64ResolverThunk() override {}

 private:
  // Variant of ServiceResolverThunk::IsFunctionAService for this platform.
  bool IsFunctionAService(void* local_thunk) const override;

  DISALLOW_COPY_AND_ASSIGN(Wow64ResolverThunk);
};
// Resolver for service-call type functions inside ntdll.dll when running on
// WOW64 for Windows 8. Only the check that recognizes a service function is
// overridden; everything else comes from ServiceResolverThunk.
class Wow64W8ResolverThunk : public ServiceResolverThunk {
 public:
  // |process| is the child process the resolver writes to. Both arguments are
  // forwarded unchanged to ServiceResolverThunk.
  Wow64W8ResolverThunk(HANDLE process, bool relaxed)
      : ServiceResolverThunk(process, relaxed) {}
  ~Wow64W8ResolverThunk() override {}

 private:
  // Variant of ServiceResolverThunk::IsFunctionAService for this platform.
  bool IsFunctionAService(void* local_thunk) const override;

  DISALLOW_COPY_AND_ASSIGN(Wow64W8ResolverThunk);
};
// Resolver for service-call type functions inside ntdll.dll on Windows 8.
// Only the check that recognizes a service function is overridden; everything
// else comes from ServiceResolverThunk.
class Win8ResolverThunk : public ServiceResolverThunk {
 public:
  // |process| is the child process the resolver writes to. Both arguments are
  // forwarded unchanged to ServiceResolverThunk.
  Win8ResolverThunk(HANDLE process, bool relaxed)
      : ServiceResolverThunk(process, relaxed) {}
  ~Win8ResolverThunk() override {}

 private:
  // Variant of ServiceResolverThunk::IsFunctionAService for this platform.
  bool IsFunctionAService(void* local_thunk) const override;

  DISALLOW_COPY_AND_ASSIGN(Win8ResolverThunk);
};
138 } // namespace sandbox
141 #endif // SANDBOX_SRC_SERVICE_RESOLVER_H__