47_add_back_query_file_semantics.patch (2737B)
1 Adds back the ability to allow just querying of file attributes to the config.
2 We currently use this for shader cache rules.
3
4 diff --git a/sandbox/win/src/filesystem_policy.cc b/sandbox/win/src/filesystem_policy.cc
5 --- a/sandbox/win/src/filesystem_policy.cc
6 +++ b/sandbox/win/src/filesystem_policy.cc
7 @@ -114,24 +114,27 @@ bool FileSystemPolicy::GenerateRules(con
8 GENERIC_EXECUTE | READ_CONTROL;
9 DWORD restricted_flags = ~allowed_flags;
10 open.AddNumberMatch(IF_NOT, OpenFile::ACCESS, restricted_flags, AND);
11 open.AddNumberMatch(IF, OpenFile::OPENONLY, true, EQUAL);
12 create.AddNumberMatch(IF_NOT, OpenFile::ACCESS, restricted_flags, AND);
13 create.AddNumberMatch(IF, OpenFile::OPENONLY, true, EQUAL);
14 }
15
16 - if (!create.AddStringMatch(IF, OpenFile::NAME, name, CASE_INSENSITIVE) ||
17 - !policy->AddRule(IpcTag::NTCREATEFILE, &create)) {
18 - return false;
19 - }
20 + // Create and open are not allowed for query.
21 + if (semantics != FileSemantics::kAllowQuery) {
22 + if (!create.AddStringMatch(IF, OpenFile::NAME, name, CASE_INSENSITIVE) ||
23 + !policy->AddRule(IpcTag::NTCREATEFILE, &create)) {
24 + return false;
25 + }
26
27 - if (!open.AddStringMatch(IF, OpenFile::NAME, name, CASE_INSENSITIVE) ||
28 - !policy->AddRule(IpcTag::NTOPENFILE, &open)) {
29 - return false;
30 + if (!open.AddStringMatch(IF, OpenFile::NAME, name, CASE_INSENSITIVE) ||
31 + !policy->AddRule(IpcTag::NTOPENFILE, &open)) {
32 + return false;
33 + }
34 }
35
36 if (!query.AddStringMatch(IF, OpenFile::NAME, name, CASE_INSENSITIVE) ||
37 !policy->AddRule(IpcTag::NTQUERYATTRIBUTESFILE, &query)) {
38 return false;
39 }
40
41 if (!query_full.AddStringMatch(IF, OpenFile::NAME, name, CASE_INSENSITIVE) ||
42 diff --git a/sandbox/win/src/sandbox_policy.h b/sandbox/win/src/sandbox_policy.h
43 --- a/sandbox/win/src/sandbox_policy.h
44 +++ b/sandbox/win/src/sandbox_policy.h
45
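Review bot: The new guard `if (semantics != FileSemantics::kAllowQuery)` in filesystem_policy.cc is a deny-list, so any FileSemantics value added later would silently receive the NTCREATEFILE and NTOPENFILE rules. For a broker policy it is safer to name the values that may open or create, `if (semantics == FileSemantics::kAllowAny || semantics == FileSemantics::kAllowReadonly) {`, so an unhandled value ends up with no file-handle rules at all. The comment above it could state the resulting grant rather than the exclusion: `// kAllowQuery grants attribute queries only; no NTCREATEFILE/NTOPENFILE rule is added.` GenerateRules starts and ends outside this hunk, so whether `semantics` is validated earlier in the function is not visible here.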
@@ -28,16 +28,17 @@ enum class Desktop {
46 };
47
48 // Allowable semantics when an AllowFileAccess() rule is matched.
49 enum class FileSemantics {
50 kAllowAny, // Allows open or create for any kind of access that
51 // the file system supports.
52 kAllowReadonly, // Allows open or create with read access only
53 // (includes access to query the attributes of a file).
54 + kAllowQuery, // Allows access to query the attributes of a file.
55 };
56
57 // Policy configuration that can be shared over multiple targets of the same tag
58 // (see BrokerServicesBase::CreatePolicy(tag)). Methods in TargetConfig will
59 // only need to be called the first time a TargetPolicy object with a given tag
60 // is configured.
61 //
62 // We need [[clang::lto_visibility_public]] because instances of this class are
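Review bot: The comment on `kAllowQuery` does not say that open and create are refused, which is the property a caller picking this value relies on. Wording that mirrors the other two enumerators would make the boundary explicit, for example `kAllowQuery,  // Allows only querying the attributes of a file; open and create are not allowed.` It is also worth noting in the comment that a matching rule lets the target learn whether a path exists and read its attributes, since that is the whole of what this value grants. Any `switch` over FileSemantics elsewhere in the tree is not visible in this patch and would need the new case.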