Diffstat (limited to 'src/process/support_win.cpp')
-rw-r--r-- | src/process/support_win.cpp | 49 |
1 files changed, 48 insertions, 1 deletions
diff --git a/src/process/support_win.cpp b/src/process/support_win.cpp
index 3d0ef37bf..4fe69b7a9 100644
--- a/src/process/support_win.cpp
+++ b/src/process/support_win.cpp
@@ -41,7 +41,13 @@
 #include <qoperatingsystemversion.h>
 #include <qsysinfo.h>
 #include <qt_windows.h>
-#include <Tlhelp32.h>
+#include <TlHelp32.h>
+#include "../3rdparty/chromium/sandbox/win/src/process_mitigations.h"
+#include "../3rdparty/chromium/sandbox/win/src/sandbox_factory.h"
+
+#ifndef NDEBUG
+#include "../3rdparty/chromium/base/command_line.h"
+#endif
 class User32DLL {
 public:
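Review bot: The debug-only block added in the next hunk uses `logging::LoggingSettings` and `logging::InitLogging`, but the only header added here under `#ifndef NDEBUG` is `base/command_line.h`, so the logging declarations (and `memset`) appear to arrive only through transitive includes. I would add the logging header next to it, e.g. `#include "../3rdparty/chromium/base/logging.h"` (path assumed from the sibling include), plus `#include <cstring>`, so that a Chromium update which trims includes cannot break debug builds alone.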
@@ -134,6 +140,45 @@ static DWORD getParentProcessId()
 return parentPid;
 }
+namespace QtWebEngineCore {
+extern __declspec(dllimport) sandbox::SandboxInterfaceInfo *staticSandboxInterfaceInfo(sandbox::SandboxInterfaceInfo *info = nullptr);
+}
+
+namespace QtWebEngineProcess {
+
+// A duplicate of the function by same name in startup_helper_win.cc
+static void InitializeSandboxInfo(sandbox::SandboxInterfaceInfo *info)
+{
+ info->broker_services = sandbox::SandboxFactory::GetBrokerServices();
+ if (!info->broker_services) {
+ info->target_services = sandbox::SandboxFactory::GetTargetServices();
+ } else {
+ // Ensure the proper mitigations are enforced for the browser process.
+ sandbox::ApplyProcessMitigationsToCurrentProcess(
+ sandbox::MITIGATION_DEP | sandbox::MITIGATION_DEP_NO_ATL_THUNK |
+ sandbox::MITIGATION_HARDEN_TOKEN_IL_POLICY);
+ // Note: these mitigations are "post-startup". Some mitigations that need
+ // to be enabled sooner (e.g. MITIGATION_EXTENSION_POINT_DISABLE) are done
+ // so in Chrome_ELF.
+ }
+}
+
+// Initializes the staticlib copy of //base and //sandbox used for Windows sandboxing
+void initializeStaticCopy(int argc, const char **argv)
+{
+#ifndef NDEBUG
+ // Initialize //base for debugging
+ base::CommandLine::Init(argc, argv);
+ logging::LoggingSettings settings;
+ settings.logging_dest = logging::LOG_TO_SYSTEM_DEBUG_LOG;
+ logging::InitLogging(settings);
+#endif
+ sandbox::SandboxInterfaceInfo *info = new sandbox::SandboxInterfaceInfo();
+ memset(info, 0, sizeof(sandbox::SandboxInterfaceInfo));
+ InitializeSandboxInfo(info);
+ QtWebEngineCore::staticSandboxInterfaceInfo(info);
+}
+
 void initDpiAwareness()
 {
 ShcoreDLL shcore;
@@ -157,3 +202,5 @@ void initDpiAwareness()
 user32.setProcessDPIAware();
 }
 }
+
+} // namespace QtWebEngineProcess |
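Review bot: In `InitializeSandboxInfo` the result of `sandbox::ApplyProcessMitigationsToCurrentProcess(...)` is discarded and `info->target_services` is not checked after `GetTargetServices()`, so a process where neither the mitigations nor the sandbox services came up passes a partly empty `SandboxInterfaceInfo` to `QtWebEngineCore::staticSandboxInterfaceInfo(info)` without any diagnostic. Assuming the mitigation call reports failure through its return value (its declaration is outside the hunk), I would at least log it, e.g. `if (!sandbox::ApplyProcessMitigationsToCurrentProcess(flags)) qWarning("process mitigations not applied");`, and likewise when both service pointers are null. The copied comment saying early mitigations such as `MITIGATION_EXTENSION_POINT_DISABLE` are handled "in Chrome_ELF" describes Chrome's startup; it should state where, or whether, this executable enables them, so readers do not assume coverage that may not exist. In `initializeStaticCopy` the `memset` after `new sandbox::SandboxInterfaceInfo()` looks redundant if the struct has no user-provided constructor, and a one-line comment such as `// intentionally leaked: lives for the whole process` would explain the missing `delete`.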