Bug 1643200 - Rename BLOCK_WIN8_ONLY into BLOCK_WIN8_AND_OLDER. r=mhowell

`BLOCK_WIN8_ONLY` was introduced by bug 1268470 to block klsihk64.dll only on
Win8.  However, a new blocklist (bug 1445025) does wrong comparison on the OS
version, thus `BLOCK_WIN8_ONLY` has blocked modules on all platforms older than
Win10 including Win7 and Win8.1.

This patch corrects OS comparison and changes the flag to `BLOCK_WIN8_AND_OLDER`
to make it more handy.  We also remove `BLOCK_WIN8PLUS_ONLY` which is never used.

Differential Revision: https://phabricator.services.mozilla.com/D78411
This commit is contained in:
Toshihito Kikuchi 2020-06-05 17:12:57 +00:00
parent 29ad25e827
commit 411136143a
5 changed files with 15 additions and 27 deletions

View File

@ -163,21 +163,16 @@ static BlockAction CheckBlockInfo(const DllBlockInfo* aInfo,
uint64_t& aVersion) {
aVersion = DllBlockInfo::ALL_VERSIONS;
if (aInfo->mFlags &
(DllBlockInfo::BLOCK_WIN8PLUS_ONLY | DllBlockInfo::BLOCK_WIN8_ONLY)) {
if (aInfo->mFlags & DllBlockInfo::BLOCK_WIN8_AND_OLDER) {
RTL_OSVERSIONINFOW osv = {sizeof(osv)};
NTSTATUS ntStatus = ::RtlGetVersion(&osv);
if (!NT_SUCCESS(ntStatus)) {
return BlockAction::Error;
}
if (osv.dwMajorVersion < 8) {
return BlockAction::Allow;
}
if ((aInfo->mFlags & DllBlockInfo::BLOCK_WIN8_ONLY) &&
(osv.dwMajorVersion > 8 ||
(osv.dwMajorVersion == 8 && osv.dwMinorVersion > 0))) {
if ((aInfo->mFlags & DllBlockInfo::BLOCK_WIN8_AND_OLDER) &&
(osv.dwMajorVersion > 6 ||
(osv.dwMajorVersion == 6 && osv.dwMinorVersion > 2))) {
return BlockAction::Allow;
}
}

View File

@ -463,13 +463,8 @@ static NTSTATUS NTAPI patched_LdrLoadDll(PWCHAR filePath, PULONG flags,
"Ignoring the REDIRECT_TO_NOOP_ENTRYPOINT flag\n");
}
if ((info->mFlags & DllBlockInfo::BLOCK_WIN8PLUS_ONLY) &&
!IsWin8OrLater()) {
goto continue_loading;
}
if ((info->mFlags & DllBlockInfo::BLOCK_WIN8_ONLY) &&
(!IsWin8OrLater() || IsWin8Point1OrLater())) {
if ((info->mFlags & DllBlockInfo::BLOCK_WIN8_AND_OLDER) &&
IsWin8Point1OrLater()) {
goto continue_loading;
}

View File

@ -36,12 +36,11 @@ struct DllBlockInfoT {
// only when we are a child process.
enum Flags {
FLAGS_DEFAULT = 0,
BLOCK_WIN8PLUS_ONLY = 1 << 0,
BLOCK_WIN8_ONLY = 1 << 1,
USE_TIMESTAMP = 1 << 2,
CHILD_PROCESSES_ONLY = 1 << 3,
BROWSER_PROCESS_ONLY = 1 << 4,
REDIRECT_TO_NOOP_ENTRYPOINT = 1 << 5,
BLOCK_WIN8_AND_OLDER = 1 << 0,
USE_TIMESTAMP = 1 << 1,
CHILD_PROCESSES_ONLY = 1 << 2,
BROWSER_PROCESS_ONLY = 1 << 3,
REDIRECT_TO_NOOP_ENTRYPOINT = 1 << 4,
} mFlags;
bool IsVersionBlocked(const uint64_t aOther) const {

View File

@ -193,7 +193,8 @@ ALL_PROCESSES += [
DllBlocklistEntry("nahimicmsidevprops.dll", UNVERSIONED),
# Bug 1268470 - crashes with Kaspersky Lab on Windows 8
DllBlocklistEntry("klsihk64.dll", (14, 0, 456, 0xffff), BLOCK_WIN8_ONLY),
DllBlocklistEntry("klsihk64.dll", (14, 0, 456, 0xffff),
BLOCK_WIN8_AND_OLDER),
# Bug 1579758, crashes with OpenSC nightly version 0.19.0.448 and lower
DllBlocklistEntry("onepin-opensc-pkcs11.dll", (0, 19, 0, 448)),

View File

@ -55,8 +55,7 @@ DLL_BLOCKLIST_DEFINITIONS_BEGIN_NAMED(gBlockedInprocDlls)
# These flag names should match the ones defined in WindowsDllBlocklistCommon.h
FLAGS_DEFAULT = 'FLAGS_DEFAULT'
BLOCK_WIN8PLUS_ONLY = 'BLOCK_WIN8PLUS_ONLY'
BLOCK_WIN8_ONLY = 'BLOCK_WIN8_ONLY'
BLOCK_WIN8_AND_OLDER = 'BLOCK_WIN8_AND_OLDER'
USE_TIMESTAMP = 'USE_TIMESTAMP'
CHILD_PROCESSES_ONLY = 'CHILD_PROCESSES_ONLY'
BROWSER_PROCESS_ONLY = 'BROWSER_PROCESS_ONLY'
@ -65,8 +64,7 @@ REDIRECT_TO_NOOP_ENTRYPOINT = 'REDIRECT_TO_NOOP_ENTRYPOINT'
# Only these flags are available in the input script
INPUT_ONLY_FLAGS = {
BLOCK_WIN8PLUS_ONLY,
BLOCK_WIN8_ONLY,
BLOCK_WIN8_AND_OLDER,
}