author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2019-10-31 11:28:09 +0100 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2019-12-19 14:05:40 +0100 |
commit | 79d4cf6e8eb569ec039c33e407fab787cc1a687f (patch) | |
tree | b62d60ef2a8d1ed5662cdc38a68505ac018f1bf4 /src/process | |
parent | 16651238b839b0e85c8a225657b6650c6005b176 (diff) | |
Enable Windows sandbox
Enable sandboxing on Windows. Enable heterogeneous sandbox symbol
resolution and statically link the sandboxing code into the helper
process. This means we have two copies of the sandboxing code,
one statically linked in the executable and one in the shared
library. Since they are not exported they don't conflict, but
we need to take care to initialize the right version in the helper process
binary, and pass its sandbox interface to the shared library using it.
For sandbox debug output, we also need to initialize the second copy
of the commandlineparser and logging system.
Fixes: QTBUG-51170
Change-Id: I8f503c8d6b40674465f32772ef906817dad2b449
Reviewed-by: Kirill Burtsev <kirill.burtsev@qt.io>
Diffstat (limited to 'src/process')
-rw-r--r-- | src/process/main.cpp | 8 | ||||
-rw-r--r-- | src/process/process.pro | 21 | ||||
-rw-r--r-- | src/process/support_win.cpp | 49 |
3 files changed, 75 insertions, 3 deletions
diff --git a/src/process/main.cpp b/src/process/main.cpp
index ef653e109..53596d0ee 100644
--- a/src/process/main.cpp
+++ b/src/process/main.cpp
@@ -89,13 +89,17 @@ struct tm* localtime64_r_proxy(const time_t* timep, struct tm* result)
 #endif // defined(OS_LINUX)
 #ifdef Q_OS_WIN
+namespace QtWebEngineProcess {
 void initDpiAwareness();
+void initializeStaticCopy(int argc, const char **argv);
+} // namespace
 #endif // defined(Q_OS_WIN)
 int main(int argc, const char **argv)
 {
 #ifdef Q_OS_WIN
- initDpiAwareness();
+ QtWebEngineProcess::initializeStaticCopy(argc, argv);
+ QtWebEngineProcess::initDpiAwareness();
 #endif
 // Chromium on Linux manipulates argv to set a process title
@@ -123,6 +127,6 @@ int main(int argc, const char **argv)
 QCoreApplication qtApplication(argc, argv_.get());
- return QtWebEngine::processMain(argc, argv);
+ return QtWebEngineCore::processMain(argc, argv);
 }
diff --git a/src/process/process.pro b/src/process/process.pro
index 0bdc9dd93..ecde20d04 100644
--- a/src/process/process.pro
+++ b/src/process/process.pro
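Review bot: Nothing in `main()` records why `QtWebEngineProcess::initializeStaticCopy(argc, argv)` has to run before `processMain()`, yet per the commit message the executable's own copy of the sandbox code must be initialized and its interface handed to the shared library before that library uses it. A comment above the call, e.g. `// Must run before processMain(): sets up the statically linked sandbox copy and passes its interface to the core library.`, would keep a later reordering from quietly breaking the sandbox setup. The forward declarations also close with `} // namespace` while support_win.cpp closes the same namespace with `} // namespace QtWebEngineProcess`; the named form in both places would be more consistent. `main()` continues outside this hunk.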
@@ -9,7 +9,28 @@ INCLUDEPATH += ../core
 SOURCES = main.cpp
+# On windows we need to statically link to the windows sandbox code
 win32 {
+ # The Chromium headers we include are not clean
+ CONFIG -= warnings_are_errors
+
+ # Look for linking information produced by GN
+ linking_pri = $$OUT_PWD/../core/$$getConfigDir()/qtwebengine_sandbox_win.pri
+
+ !include($$linking_pri) {
+ error("Could not find the linking information that gn should have generated.")
+ }
+ isEmpty(NINJA_OBJECTS): error("//sandbox/win:sandbox linking changed, update process.pro")
+ isEmpty(NINJA_ARCHIVES): error("//sandbox/win:sandbox linking changed, update process.pro")
+
+ LIBS_PRIVATE += $$NINJA_LIB_DIRS $$NINJA_LIBS $$NINJA_ARCHIVES $$NINJA_OBJECTS
+ QMAKE_LFLAGS += $$NINJA_LFLAGS
+ POST_TARGETDEPS += $$eval($$NINJA_TARGETDEPS)
+
+ CHROMIUM_SRC_DIR = $$QTWEBENGINE_ROOT/$$getChromiumSrcDir()
+ INCLUDEPATH += $$CHROMIUM_SRC_DIR \
+ $$OUT_PWD/../core/$$getConfigDir()/gen
+
 SOURCES += \
 support_win.cpp
diff --git a/src/process/support_win.cpp b/src/process/support_win.cpp
index 3d0ef37bf..4fe69b7a9 100644
--- a/src/process/support_win.cpp
+++ b/src/process/support_win.cpp
@@ -41,7 +41,13 @@
 #include <qoperatingsystemversion.h>
 #include <qsysinfo.h>
 #include <qt_windows.h>
-#include <Tlhelp32.h>
+#include <TlHelp32.h>
+#include "../3rdparty/chromium/sandbox/win/src/process_mitigations.h"
+#include "../3rdparty/chromium/sandbox/win/src/sandbox_factory.h"
+
+#ifndef NDEBUG
+#include "../3rdparty/chromium/base/command_line.h"
+#endif
 class User32DLL {
 public:
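Review bot: `CONFIG -= warnings_are_errors` sits at the top of the `win32` block, so it turns off warnings-as-errors for every source in this target on Windows, including `main.cpp` and the new sandbox setup in `support_win.cpp`, not only for the Chromium headers the comment names. If the unclean headers are only pulled in by `support_win.cpp`, consider suppressing the specific warnings around those `#include` lines instead, or at least widen the comment to say that the project's own files lose the check too. The two `isEmpty(...)` errors also print identical text, so naming the variable in each message (for example `NINJA_OBJECTS is empty` and `NINJA_ARCHIVES is empty`) would tell the builder which input went missing.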
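Review bot: The Chromium headers are included through hard-coded relative paths (`"../3rdparty/chromium/sandbox/win/src/..."`), while process.pro in this same commit adds `$$CHROMIUM_SRC_DIR` (from `getChromiumSrcDir()`) to `INCLUDEPATH` and links the sandbox objects that GN produced. If that directory ever resolves to something other than `src/3rdparty/chromium`, the helper would compile against one header tree and link against objects built from another, which is a bad place for a mismatch given that this is the sandbox interface. Including them as `"sandbox/win/src/process_mitigations.h"`, `"sandbox/win/src/sandbox_factory.h"` and `"base/command_line.h"` would keep headers and link inputs tied to the same tree. The next hunk also uses `logging::InitLogging` under `#ifndef NDEBUG`; it presumably arrives transitively, but an explicit `"base/logging.h"` include in that block would make the dependency visible.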
@@ -134,6 +140,45 @@ static DWORD getParentProcessId()
 return parentPid;
 }
+namespace QtWebEngineCore {
+extern __declspec(dllimport) sandbox::SandboxInterfaceInfo *staticSandboxInterfaceInfo(sandbox::SandboxInterfaceInfo *info = nullptr);
+}
+
+namespace QtWebEngineProcess {
+
+// A duplicate of the function by same name in startup_helper_win.cc
+static void InitializeSandboxInfo(sandbox::SandboxInterfaceInfo *info)
+{
+ info->broker_services = sandbox::SandboxFactory::GetBrokerServices();
+ if (!info->broker_services) {
+ info->target_services = sandbox::SandboxFactory::GetTargetServices();
+ } else {
+ // Ensure the proper mitigations are enforced for the browser process.
+ sandbox::ApplyProcessMitigationsToCurrentProcess(
+ sandbox::MITIGATION_DEP | sandbox::MITIGATION_DEP_NO_ATL_THUNK |
+ sandbox::MITIGATION_HARDEN_TOKEN_IL_POLICY);
+ // Note: these mitigations are "post-startup". Some mitigations that need
+ // to be enabled sooner (e.g. MITIGATION_EXTENSION_POINT_DISABLE) are done
+ // so in Chrome_ELF.
+ }
+}
+
+// Initializes the staticlib copy of //base and //sandbox used for Windows sandboxing
+void initializeStaticCopy(int argc, const char **argv)
+{
+#ifndef NDEBUG
+ // Initialize //base for debugging
+ base::CommandLine::Init(argc, argv);
+ logging::LoggingSettings settings;
+ settings.logging_dest = logging::LOG_TO_SYSTEM_DEBUG_LOG;
+ logging::InitLogging(settings);
+#endif
+ sandbox::SandboxInterfaceInfo *info = new sandbox::SandboxInterfaceInfo();
+ memset(info, 0, sizeof(sandbox::SandboxInterfaceInfo));
+ InitializeSandboxInfo(info);
+ QtWebEngineCore::staticSandboxInterfaceInfo(info);
+}
+
 void initDpiAwareness()
 {
 ShcoreDLL shcore;
@@ -157,3 +202,5 @@ void initDpiAwareness()
 user32.setProcessDPIAware();
 }
 }
+
+} // namespace QtWebEngineProcess |
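Review bot: The result of `sandbox::ApplyProcessMitigationsToCurrentProcess(...)` in the `else` branch of `InitializeSandboxInfo` is discarded, so if DEP or the token integrity-level hardening cannot be applied the process continues with no indication that it is running with weaker protections. Assuming the function reports success as a `bool` (confirm in process_mitigations.h), wrapping it as `if (!sandbox::ApplyProcessMitigationsToCurrentProcess(/* same flags */)) qWarning("Failed to apply process mitigations");` would at least make the downgrade visible in logs. Because the function is a copy of the one in startup_helper_win.cc, the comment above it should also say that the flag set has to be re-checked against upstream on every Chromium update, otherwise this copy will silently lag behind. In `initializeStaticCopy`, `new sandbox::SandboxInterfaceInfo()` already value-initializes the object if it is a plain struct, so the `memset` looks redundant; a short comment that `info` is intentionally never freed, presumably because the shared library keeps the pointer, would be more useful there.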