Bug 1689136: Apply MITIGATION_HARDEN_TOKEN_IL_POLICY to main and launcher processes. r=handyman

This also ensures that DEP without ATL thunk is enforced.

Differential Revision: https://phabricator.services.mozilla.com/D156069
Bob Owen 2022-09-07 09:42:04 +00:00
parent 8c7b1e9f2d
commit 692f8a5532
3 changed files with 26 additions and 0 deletions


@ -37,6 +37,10 @@
# include "SameBinary.h"
#endif // defined(MOZ_LAUNCHER_PROCESS)
#if defined(MOZ_SANDBOX)
# include "mozilla/sandboxing/SandboxInitialization.h"
#endif
namespace mozilla {
// "const" because nothing in this process modifies it.
// "volatile" because something in another process may.
@ -320,6 +324,11 @@ Maybe<int> LauncherMain(int& argc, wchar_t* argv[],
}
}
#if defined(MOZ_SANDBOX)
// Ensure the relevant mitigations are enforced.
mozilla::sandboxing::ApplyParentProcessMitigations();
#endif
mozilla::UseParentConsole();
if (!SetArgv0ToFullBinaryPath(argv)) {
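Review bot: The comment added above the new `ApplyParentProcessMitigations()` call, `// Ensure the relevant mitigations are enforced.`, does not say which mitigations or why this position in LauncherMain was chosen, and the same wording is reused at the broker call site, so a reader has to open SandboxInitialization.cpp to learn anything. I would name them here and state the ordering constraint: `// Harden this process's own token IL policy (and DEP without ATL thunk); do this before any child process is spawned from the launcher.` The "before any child" part is presumably the intent given the call sits ahead of the argv/console setup, but confirm it against the rest of LauncherMain, which begins and ends outside this hunk.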


@ -8,6 +8,7 @@
#include "base/memory/ref_counted.h"
#include "nsWindowsDllInterceptor.h"
#include "sandbox/win/src/process_mitigations.h"
#include "sandbox/win/src/sandbox_factory.h"
#include "mozilla/DebugOnly.h"
#include "mozilla/sandboxing/permissionsService.h"
@ -177,6 +178,9 @@ static sandbox::BrokerServices* InitializeBrokerServices() {
scoped_refptr<sandbox::TargetPolicy> policy = brokerServices->CreatePolicy();
policy->CreateAlternateDesktop(true);
// Ensure the relevant mitigations are enforced.
mozilla::sandboxing::ApplyParentProcessMitigations();
return brokerServices;
}
@ -191,5 +195,13 @@ PermissionsService* GetPermissionsService() {
return PermissionsService::GetInstance();
}
void ApplyParentProcessMitigations() {
// The main reason for this call is for the token hardening, but chromium code
// also ensures DEP without ATL thunk so we do the same.
sandbox::ApplyProcessMitigationsToCurrentProcess(
sandbox::MITIGATION_DEP | sandbox::MITIGATION_DEP_NO_ATL_THUNK |
sandbox::MITIGATION_HARDEN_TOKEN_IL_POLICY);
}
} // namespace sandboxing
} // namespace mozilla
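Review bot: `ApplyParentProcessMitigations()` discards the result of `sandbox::ApplyProcessMitigationsToCurrentProcess(...)`, so if token hardening or the DEP/no-ATL-thunk policy fails to apply, the parent silently runs without the mitigation this bug set out to add. If that call reports success with a bool as the Chromium sandbox API does, the minimum is to surface a failure at least in debug builds; the file already includes `mozilla/DebugOnly.h`, so `DebugOnly<bool> ok = sandbox::ApplyProcessMitigationsToCurrentProcess(...);` followed by `MOZ_ASSERT(ok, "Failed to apply parent process mitigations");` fits the existing style, and a release-build log line would help field diagnosis. Since both the launcher and the main process now call this (the broker call above is in the same file), the header or this definition should also note that applying the same mitigations twice is expected and harmless, if that holds for the token policy change.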


@ -45,6 +45,11 @@ sandbox::BrokerServices* GetInitializedBrokerServices();
PermissionsService* GetPermissionsService();
/**
* Apply mitigations for parent processes.
*/
void ApplyParentProcessMitigations();
} // namespace sandboxing
} // namespace mozilla
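Review bot: The new public declaration's doc comment, `Apply mitigations for parent processes.`, names neither the mitigations nor the contract, which is what a caller reading the header needs. I would expand it to state that it applies DEP, DEP without ATL thunk and MITIGATION_HARDEN_TOKEN_IL_POLICY to the calling process, that it is intended to be invoked by both the launcher and the main (broker) process, and whether failure is reported to the caller — today the function returns void, so callers cannot tell. Keeping that documentation on the declaration rather than only in the .cpp keeps the two call sites honest about what they are relying on.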