base/process/process_info_win.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "base/process/process_info.h"
   6
   7 #include <windows.h>
   8
   9 #include "base/basictypes.h"
  10 #include "base/memory/scoped_ptr.h"
  11 #include "base/time/time.h"
  12 #include "base/win/scoped_handle.h"
  13 #include "base/win/windows_version.h"
  14
  15 namespace base {
  16
  17 // static
  18 const Time CurrentProcessInfo::CreationTime() {
  19   FILETIME creation_time = {};
  20   FILETIME ignore = {};
  21   if (::GetProcessTimes(::GetCurrentProcess(), &creation_time, &ignore,
  22       &ignore, &ignore) == false)
  23     return Time();
  24
  25   return Time::FromFileTime(creation_time);
  26 }
  27
  28 IntegrityLevel GetCurrentProcessIntegrityLevel() {
  29   if (win::GetVersion() < base::win::VERSION_VISTA)
  30     return INTEGRITY_UNKNOWN;
  31
  32   HANDLE process_token;
  33   if (!::OpenProcessToken(::GetCurrentProcess(),
  34                           TOKEN_QUERY | TOKEN_QUERY_SOURCE, &process_token)) {
  35     return INTEGRITY_UNKNOWN;
  36   }
  37   win::ScopedHandle scoped_process_token(process_token);
  38
  39   DWORD token_info_length = 0;
  40   if (::GetTokenInformation(process_token, TokenIntegrityLevel, NULL, 0,
  41                             &token_info_length) ||
  42       ::GetLastError() != ERROR_INSUFFICIENT_BUFFER) {
  43     return INTEGRITY_UNKNOWN;
  44   }
  45
  46   scoped_ptr<char[]> token_label_bytes(new char[token_info_length]);
  47   if (!token_label_bytes.get())
  48     return INTEGRITY_UNKNOWN;
  49
  50   TOKEN_MANDATORY_LABEL* token_label =
  51       reinterpret_cast<TOKEN_MANDATORY_LABEL*>(token_label_bytes.get());
  52   if (!token_label)
  53     return INTEGRITY_UNKNOWN;
  54
  55   if (!::GetTokenInformation(process_token, TokenIntegrityLevel, token_label,
  56                              token_info_length, &token_info_length)) {
  57     return INTEGRITY_UNKNOWN;
  58   }
  59
  60   DWORD integrity_level = *::GetSidSubAuthority(
  61       token_label->Label.Sid,
  62       static_cast<DWORD>(*::GetSidSubAuthorityCount(token_label->Label.Sid)-1));
  63
  64   if (integrity_level < SECURITY_MANDATORY_MEDIUM_RID)
  65     return LOW_INTEGRITY;
  66
  67   if (integrity_level >= SECURITY_MANDATORY_MEDIUM_RID &&
  68       integrity_level < SECURITY_MANDATORY_HIGH_RID) {
  69     return MEDIUM_INTEGRITY;
  70   }
  71
  72   if (integrity_level >= SECURITY_MANDATORY_HIGH_RID)
  73     return HIGH_INTEGRITY;
  74
  75   NOTREACHED();
  76   return INTEGRITY_UNKNOWN;
  77 }
  78
  79 }  // namespace base