1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "sandbox/win/src/sync_interception.h"
7 #include "sandbox/win/src/crosscall_client.h"
8 #include "sandbox/win/src/ipc_tags.h"
9 #include "sandbox/win/src/policy_params.h"
10 #include "sandbox/win/src/policy_target.h"
11 #include "sandbox/win/src/sandbox_factory.h"
12 #include "sandbox/win/src/sandbox_nt_util.h"
13 #include "sandbox/win/src/sharedmem_ipc_client.h"
14 #include "sandbox/win/src/target_services.h"
18 ResultCode ProxyCreateEvent(LPCWSTR name,
20 EVENT_TYPE event_type,
22 CrossCallReturn* answer) {
23 CountedParameterSet<NameBased> params;
24 params[NameBased::NAME] = ParamPickerMake(name);
26 if (!QueryBroker(IPC_CREATEEVENT_TAG, params.GetBase()))
27 return SBOX_ERROR_GENERIC;
29 SharedMemIPCClient ipc(ipc_memory);
30 ResultCode code = CrossCall(ipc, IPC_CREATEEVENT_TAG, name, event_type,
31 initial_state, answer);
35 ResultCode ProxyOpenEvent(LPCWSTR name,
36 uint32 desired_access,
38 CrossCallReturn* answer) {
39 CountedParameterSet<OpenEventParams> params;
40 params[OpenEventParams::NAME] = ParamPickerMake(name);
41 params[OpenEventParams::ACCESS] = ParamPickerMake(desired_access);
43 if (!QueryBroker(IPC_OPENEVENT_TAG, params.GetBase()))
44 return SBOX_ERROR_GENERIC;
46 SharedMemIPCClient ipc(ipc_memory);
47 ResultCode code = CrossCall(ipc, IPC_OPENEVENT_TAG, name, desired_access,
53 NTSTATUS WINAPI TargetNtCreateEvent(NtCreateEventFunction orig_CreateEvent,
55 ACCESS_MASK desired_access,
56 POBJECT_ATTRIBUTES object_attributes,
57 EVENT_TYPE event_type,
58 BOOLEAN initial_state) {
59 NTSTATUS status = orig_CreateEvent(event_handle, desired_access,
60 object_attributes, event_type,
62 if (status != STATUS_ACCESS_DENIED || !object_attributes)
65 // We don't trust that the IPC can work this early.
66 if (!SandboxFactory::GetTargetServices()->GetState()->InitCalled())
70 if (!ValidParameter(event_handle, sizeof(HANDLE), WRITE))
73 void* memory = GetGlobalIPCMemory();
77 OBJECT_ATTRIBUTES object_attribs_copy = *object_attributes;
78 // The RootDirectory points to BaseNamedObjects. We can ignore it.
79 object_attribs_copy.RootDirectory = NULL;
82 uint32 attributes = 0;
83 NTSTATUS ret = AllocAndCopyName(&object_attribs_copy, &name, &attributes,
85 if (!NT_SUCCESS(ret) || name == NULL)
88 CrossCallReturn answer = {0};
89 answer.nt_status = status;
90 ResultCode code = ProxyCreateEvent(name, initial_state, event_type, memory,
92 operator delete(name, NT_ALLOC);
94 if (code != SBOX_ALL_OK) {
95 status = answer.nt_status;
99 *event_handle = answer.handle;
100 status = STATUS_SUCCESS;
101 } __except(EXCEPTION_EXECUTE_HANDLER) {
109 NTSTATUS WINAPI TargetNtOpenEvent(NtOpenEventFunction orig_OpenEvent,
110 PHANDLE event_handle,
111 ACCESS_MASK desired_access,
112 POBJECT_ATTRIBUTES object_attributes) {
113 NTSTATUS status = orig_OpenEvent(event_handle, desired_access,
115 if (status != STATUS_ACCESS_DENIED || !object_attributes)
118 // We don't trust that the IPC can work this early.
119 if (!SandboxFactory::GetTargetServices()->GetState()->InitCalled())
123 if (!ValidParameter(event_handle, sizeof(HANDLE), WRITE))
126 void* memory = GetGlobalIPCMemory();
130 OBJECT_ATTRIBUTES object_attribs_copy = *object_attributes;
131 // The RootDirectory points to BaseNamedObjects. We can ignore it.
132 object_attribs_copy.RootDirectory = NULL;
134 wchar_t* name = NULL;
135 uint32 attributes = 0;
136 NTSTATUS ret = AllocAndCopyName(&object_attribs_copy, &name, &attributes,
138 if (!NT_SUCCESS(ret) || name == NULL)
141 CrossCallReturn answer = {0};
142 answer.nt_status = status;
143 ResultCode code = ProxyOpenEvent(name, desired_access, memory, &answer);
144 operator delete(name, NT_ALLOC);
146 if (code != SBOX_ALL_OK) {
147 status = answer.nt_status;
151 *event_handle = answer.handle;
152 status = STATUS_SUCCESS;
153 } __except(EXCEPTION_EXECUTE_HANDLER) {
161 } // namespace sandbox