Closed Bug 1598703 Opened 1 year ago Closed 1 year ago

Add ability to intercept function calls using the Import Address Table on Windows.

Categories: Core :: mozglue, enhancement (Unspecified, Windows, enhancement, Not set, normal)

Tracking: RESOLVED FIXED, mozilla73; Tracking Status: firefox73 --- fixed

People: Reporter: bobowen, Assigned: aklotz

References: Blocks 1 open bug

Attachments: 2 files

To work around issues with DWrite in a sandboxed process, Chromium patches calls to certain functions in the Import Address Table [1].

We are almost certainly going to need to do this, to apply some of the future sandbox policy settings.

[1] https://cs.chromium.org/chromium/src/content/child/font_warmup_win.cc?type=cs&sq=package:chromium&g=0&l=386

I have a patch buried somewhere in my Mercurial bookmarks. I'll need a bit of time to dig it out.

Moving this to mozglue since that's where the rest of our interception code lives.

Component: General → mozglue

I found the patch, but it's bitrotted. It shouldn't be too bad to update, but it does need some updating.

Blocks: 1603706
Depends on: 1604589
Assignee: nobody → aklotz
Status: NEW → ASSIGNED

Strictly speaking, the import descriptor includes more than just the IAT,
so renaming this method to reflect that.

This is a pretty straightforward patch; we add WindowsIATPatcher to
implement the actual IAT patching, and use a partial specialization of
FuncHook to account for the underlying differences in implementation vs our
existing interceptor code.

Depends on D57830
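
The mechanism this bug is about, sketched as an added example (not the WindowsIATPatcher code and not taken from the patch): a module reaches each import through a slot in its import address table, so overwriting one slot redirects that module's calls, while a direct pointer to the function is unaffected. The descriptor struct is a simplified model rather than the real PE layout, and fontsvc.dll, OpenFont and CloseFont are constructed names.

```c
#include <stdio.h>
#include <string.h>
typedef int (*Fn)(int);

/* Simplified model of one import descriptor (not the real PE layout). */
typedef struct {
    const char *dll;          /* imported DLL name */
    const char *const *names; /* NULL-terminated import name table */
    Fn *iat;                  /* address slots the loader fills, same order as names */
} ImportDesc;

/* Constructed stand-ins for two imported functions and one replacement. */
static int real_open_font(int id) { return id; }
static int real_close_font(int id) { return id + 100; }
static int stub_open_font(int id) { (void)id; return -1; }
static const char *const kNames[] = { "OpenFont", "CloseFont", NULL };
static Fn kIat[] = { real_open_font, real_close_font };
static ImportDesc kImports[] = { { "fontsvc.dll", kNames, kIat }, { NULL, NULL, NULL } };

/* Find the IAT slot for dll!func (real DLL names compare case-insensitively). */
static Fn *find_slot(ImportDesc *imports, const char *dll, const char *func) {
    for (ImportDesc *d = imports; d->dll; ++d) {
        if (strcmp(d->dll, dll) != 0) continue;
        for (size_t i = 0; d->names[i]; ++i)
            if (strcmp(d->names[i], func) == 0) return &d->iat[i];
    }
    return NULL;
}

/* Swap the slot and return the original so the hook can chain or be undone.
   On Windows the slot's page must first be made writable (VirtualProtect). */
static Fn patch_iat(ImportDesc *imports, const char *dll, const char *func, Fn hook) {
    Fn *slot = find_slot(imports, dll, func);
    if (!slot) return NULL; /* not imported by this module: nothing to patch */
    Fn orig = *slot;
    *slot = hook;
    return orig;
}

/* How code in the importing module reaches an import: through the slot. */
static int call_import(const char *func, int arg) {
    Fn *slot = find_slot(kImports, "fontsvc.dll", func);
    return slot ? (*slot)(arg) : -2;
}

int main(void) {
    Fn orig = patch_iat(kImports, "fontsvc.dll", "OpenFont", stub_open_font);
    printf("via IAT: %d, direct: %d\n", call_import("OpenFont", 7), orig(7));
    return 0;
}
```

Because only the patched module's table changes, a caller that resolved the function address some other way still reaches the original, which is the main coverage limit of IAT interception compared with patching the function body.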

Pushed by aklotz@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/6d7358a0e785
Part 1 - Rename PEHeaders::GetIATForModule to PEHeaders::GetImportDescriptor; r=mhowell
https://hg.mozilla.org/integration/autoland/rev/b9c2e8b94733
Part 2 - Add IAT Patching capabilities to the Windows DLL Interceptor; r=mhowell

Backed out 2 changesets (bug 1598703) for bustage at WindowsDllBlocklist.obj on a CLOSED TREE.

Backout link: https://hg.mozilla.org/integration/autoland/rev/2c5434ecfbd51db80fb25ed6f703035462439191

Push with failures: https://treeherder.mozilla.org/#/jobs?repo=autoland&resultStatus=testfailed%2Cbusted%2Cexception&revision=b9c2e8b94733fb385baf7cda9c194e32066c4f39&selectedJob=282429322

Log link: https://treeherder.mozilla.org/logviewer.html#/jobs?job_id=282429322&repo=autoland&lineNumber=66299

Log snippet:

[task 2019-12-23T20:37:35.140Z] 20:37:35 INFO - mozmake.EXE[4]: Entering directory 'z:/build/build/src/obj-firefox/mozglue/dllservices'
[task 2019-12-23T20:37:35.141Z] 20:37:35 INFO - z:/build/fetches/sccache/sccache.exe z:/build/fetches/clang/bin/clang.exe --driver-mode=cl -Xclang -std=c++17 -m32 -FoWindowsDllBlocklist.obj -c -Iz:/build/build/src/obj-firefox/dist/stl_wrappers -guard:cf -DNDEBUG=1 -DTRIMMED=1 -DMOZ_HAS_MOZGLUE -DIMPL_MFBT -Iz:/build/build/src/mozglue/dllservices -Iz:/build/build/src/obj-firefox/mozglue/dllservices -Iz:/build/build/src/obj-firefox/dist/include -Iz:/build/build/src/obj-firefox/dist/include/nspr -Iz:/build/build/src/obj-firefox/dist/include/nss -MD -FI z:/build/build/src/obj-firefox/mozilla-config.h -DMOZILLA_CLIENT -Qunused-arguments -Qunused-arguments -fcrash-diagnostics-dir=z:/build/public/build -TP -nologo -Zc:sizedDealloc- -D_HAS_EXCEPTIONS=0 -W3 -Gy -Zc:inline -arch:SSE2 -Gw -Wno-inline-new-delete -Wno-invalid-offsetof -Wno-microsoft-enum-value -Wno-microsoft-include -Wno-unknown-pragmas -Wno-ignored-pragmas -Wno-deprecated-declarations -Wno-invalid-noreturn -Wno-inconsistent-missing-override -Wno-implicit-exception-spec-mismatch -Wno-microsoft-exception-spec -Wno-unused-local-typedef -Wno-ignored-attributes -Wno-used-but-marked-unused -D_SILENCE_TR1_NAMESPACE_DEPRECATION_WARNING -GR- -Z7 -Xclang -load -Xclang z:/build/build/src/obj-firefox/build/clang-plugin/clang-plugin.dll -Xclang -add-plugin -Xclang moz-check -O2 -Oy- -Werror -Xclang -MP -Xclang -dependency-file -Xclang .deps/WindowsDllBlocklist.obj.pp -Xclang -MT -Xclang WindowsDllBlocklist.obj z:/build/build/src/mozglue/dllservices/WindowsDllBlocklist.cpp
[task 2019-12-23T20:37:35.141Z] 20:37:35 INFO - In file included from z:/build/build/src/mozglue/dllservices/WindowsDllBlocklist.cpp:17:
[task 2019-12-23T20:37:35.142Z] 20:37:35 INFO - z:/build/build/src/obj-firefox/dist/include\nsWindowsDllInterceptor.h(589,1): error: class 'FuncHook<mozilla::interceptor::WindowsIATPatcher, FuncPtrT>' must have trivial constructors and destructors
[task 2019-12-23T20:37:35.142Z] 20:37:35 INFO - class MOZ_ONLY_USED_TO_AVOID_STATIC_CONSTRUCTORS
[task 2019-12-23T20:37:35.142Z] 20:37:35 INFO - ^
[task 2019-12-23T20:37:35.142Z] 20:37:35 INFO - 1 error generated.
[task 2019-12-23T20:37:35.142Z] 20:37:35 INFO - z:/build/build/src/config/rules.mk:736: recipe for target 'WindowsDllBlocklist.obj' failed
[task 2019-12-23T20:37:35.142Z] 20:37:35 INFO - mozmake.EXE[4]: *** [WindowsDllBlocklist.obj] Error 1
[task 2019-12-23T20:37:35.143Z] 20:37:35 INFO - mozmake.EXE[4]: Leaving directory 'z:/build/build/src/obj-firefox/mozglue/dllservices'
[task 2019-12-23T20:37:35.143Z] 20:37:35 INFO - mozmake.EXE[4]: *** Waiting for unfinished jobs....
[task 2019-12-23T20:37:35.173Z] 20:37:35 INFO - mozmake.EXE[4]: Entering directory 'z:/build/build/src/obj-firefox/mozglue/build'
[task 2019-12-23T20:37:35.173Z] 20:37:35 INFO - mkdir -p '.deps/'
[task 2019-12-23T20:37:35.173Z] 20:37:35 INFO - mozmake.EXE[4]: Leaving directory 'z:/build/build/src/obj-firefox/mozglue/build'
[task 2019-12-23T20:37:35.194Z] 20:37:35 INFO - mozmake.EXE[4]: Entering directory 'z:/build/build/src/obj-firefox/mozglue/build'
[task 2019-12-23T20:37:35.194Z] 20:37:35 INFO - mozglue/build/SSE.obj

Flags: needinfo?(aklotz)
Pushed by aklotz@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/fa97417b2b48
Part 1 - Rename PEHeaders::GetIATForModule to PEHeaders::GetImportDescriptor; r=mhowell
https://hg.mozilla.org/integration/autoland/rev/ea8b5280d533
Part 2 - Add IAT Patching capabilities to the Windows DLL Interceptor; r=mhowell
Status: ASSIGNED → RESOLVED
Closed: 1 year ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla73