blob: 8a06ef06e2b786cbe80b7dc37ab1a19dfcc5768a [file] [log] [blame]
// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#if defined(_WIN64)
#include "sandbox/win/src/sandbox_nt_types.h"
namespace blacklist {
// Max size of the DLL blacklist.
const size_t kTroublesomeDllsMaxCount = 64;
// The DLL blacklist.
extern const wchar_t* g_troublesome_dlls[kTroublesomeDllsMaxCount];
#if defined(_WIN64)
extern NtMapViewOfSectionFunction g_nt_map_view_of_section_func;
// Attempts to leave a beacon in the current user's registry hive. If the
// blacklist beacon doesn't say it is enabled or there are any other errors when
// creating the beacon, returns false. Otherwise returns true. The intent of the
// beacon is to act as an extra failure mode protection whereby if Chrome
// repeatedly fails to start during blacklist setup, it will skip blacklisting
// on the subsequent run.
bool LeaveSetupBeacon();
// Looks for the setup running beacon that LeaveSetupBeacon() creates and resets
// it to to show the setup was successful.
// Returns true if the beacon was successfully set to BLACKLIST_ENABLED.
bool ResetBeacon();
// Return the size of the current blacklist.
int BlacklistSize();
// Returns if true if the blacklist has been initialized.
extern "C" bool IsBlacklistInitialized();
// Returns the index of the DLL named |dll_name| on the blacklist, or -1 if not
// found.
extern "C" int GetBlacklistIndex(const wchar_t* dll_name);
// Adds the given dll name to the blacklist. Returns true if the dll name is in
// the blacklist when this returns, false on error. Note that this will copy
// |dll_name| and will leak it on exit if the string is not subsequently removed
// using RemoveDllFromBlacklist.
// Exposed for testing only, this shouldn't be exported from chrome_elf.dll.
extern "C" bool AddDllToBlacklist(const wchar_t* dll_name);
// Removes the given dll name from the blacklist. Returns true if it was
// removed, false on error.
// Exposed for testing only, this shouldn't be exported from chrome_elf.dll.
extern "C" bool RemoveDllFromBlacklist(const wchar_t* dll_name);
// Returns a list of all the dlls that have been successfully blocked by the
// blacklist via blocked_dlls, if there is enough space (according to |size|).
// |size| will always be modified to be the number of dlls that were blocked.
// The caller doesn't own the strings and isn't expected to free them. These
// strings won't be hanging unless RemoveDllFromBlacklist is called, but it
// is only exposed in tests (and should stay that way).
extern "C" void SuccessfullyBlocked(const wchar_t** blocked_dlls, int* size);
// Add the dlls, originally passed in through finch, from the registry to the
// blacklist so that they will be blocked identically to those hard coded in.
extern "C" void AddDllsFromRegistryToBlacklist();
// Record that the dll at the given index was blocked.
void BlockedDll(size_t blocked_index);
// Initializes the DLL blacklist in the current process. This should be called
// before any undesirable DLLs might be loaded. If |force| is set to true, then
// initialization will take place even if a beacon is present. This is useful
// for tests.
bool Initialize(bool force);
} // namespace blacklist