Allow kernel driver access for audio sandbox.

In default sandbox policy handles to kernel drivers are closed [1][2]. In order to allow audio service to access device properties (such as friendly name as reported by linked bug), disable default policy for audio sandbox and configure a customized default policy on audio sandbox PreSpawn. [1] https://cs.chromium.org/chromium/src/services/service_manager/sandbox/win/sandbox_win.cc?rcl=a35a7fe2bea84fe913ea585ba642357279e0a5cf&l=418 [2] https://cs.chromium.org/chromium/src/services/service_manager/sandbox/win/sandbox_win.cc?rcl=a35a7fe2bea84fe913ea585ba642357279e0a5cf&l=932 Bug: 883326 Change-Id: I676f6820a0c1a4e5bd02bf7e66bec9764fc36731 Reviewed-on: https://chromium-review.googlesource.com/c/1256828 Commit-Queue: Marina Ciocea <marinaciocea@chromium.org> Reviewed-by: John Abd-El-Malek <jam@chromium.org> Reviewed-by: James Forshaw <forshaw@chromium.org> Cr-Commit-Position: refs/heads/master@{#596001}

Allow kernel driver access for audio sandbox.
In default sandbox policy handles to kernel drivers are closed [1][2]. In order to allow audio service to access device properties (such as friendly name as reported by linked bug), disable default policy for audio sandbox and configure a customized default policy on audio sandbox PreSpawn. [1] https://cs.chromium.org/chromium/src/services/service_manager/sandbox/win/sandbox_win.cc?rcl=a35a7fe2bea84fe913ea585ba642357279e0a5cf&l=418 [2] https://cs.chromium.org/chromium/src/services/service_manager/sandbox/win/sandbox_win.cc?rcl=a35a7fe2bea84fe913ea585ba642357279e0a5cf&l=932 Bug: 883326 Change-Id: I676f6820a0c1a4e5bd02bf7e66bec9764fc36731 Reviewed-on: https://chromium-review.googlesource.com/c/1256828 Commit-Queue: Marina Ciocea <marinaciocea@chromium.org> Reviewed-by: John Abd-El-Malek <jam@chromium.org> Reviewed-by: James Forshaw <forshaw@chromium.org> Cr-Commit-Position: refs/heads/master@{#596001}
b20112dc · Marina Ciocea · Commit Bot · 1f530ad4 · b20112dc · b20112dc
Commit b20112dc authored Oct 02, 2018 by Marina Ciocea Committed by Commit Bot Oct 02, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 18 additions and 2 deletions

content/browser/utility_process_host.cc content/browser/utility_process_host.cc +11 -2

services/audio/audio_sandbox_win.cc services/audio/audio_sandbox_win.cc +7 -0

No files found.
--- a/content/browser/utility_process_host.cc
+++ b/content/browser/utility_process_host.cc
@@ -102,8 +102,17 @@ class UtilitySandboxedProcessLauncherDelegate
  }
  bool DisableDefaultPolicy() override {
-    return sandbox_type_ == service_manager::SANDBOX_TYPE_XRCOMPOSITING &&
+    switch (sandbox_type_) {
-           base::FeatureList::IsEnabled(service_manager::features::kXRSandbox);
+      case service_manager::SANDBOX_TYPE_AUDIO:
+        // Default policy is disabled for audio process to allow audio drivers
+        // to read device properties (https://crbug.com/883326).
+        return true;
+      case service_manager::SANDBOX_TYPE_XRCOMPOSITING:
+        return base::FeatureList::IsEnabled(
+            service_manager::features::kXRSandbox);
+      default:
+        return false;
+    }
  }
  bool ShouldLaunchElevated() override {

--- a/services/audio/audio_sandbox_win.cc
+++ b/services/audio/audio_sandbox_win.cc
@@ -43,6 +43,13 @@ bool AudioPreSpawnTarget(sandbox::TargetPolicy* policy) {
  policy->SetTokenLevel(sandbox::USER_RESTRICTED_SAME_ACCESS,
                        sandbox::USER_NON_ADMIN);
  policy->SetDelayedIntegrityLevel(sandbox::INTEGRITY_LEVEL_LOW);
+  // Custom default policy allowing audio drivers to read device properties
+  // (https://crbug.com/883326).
+  policy->SetIntegrityLevel(sandbox::INTEGRITY_LEVEL_LOW);
+  policy->SetLockdownDefaultDacl();
+  policy->SetAlternateDesktop(true);
  return true;
 }