diff --git a/sandbox/win/BUILD.gn b/sandbox/win/BUILD.gn index 5b41184003cab3..2acc1c9a2f7f13 100644 --- a/sandbox/win/BUILD.gn +++ b/sandbox/win/BUILD.gn @@ -140,7 +140,7 @@ static_library("sandbox") { "src/window.h", ] - if (current_cpu == "x64") { + if (current_cpu == "x64" || current_cpu == "arm64") { sources += [ "src/interceptors_64.cc", "src/interceptors_64.h", diff --git a/sandbox/win/src/lpc_policy_test.cc b/sandbox/win/src/lpc_policy_test.cc index 224add7db86f21..3b3269708c7b69 100644 --- a/sandbox/win/src/lpc_policy_test.cc +++ b/sandbox/win/src/lpc_policy_test.cc @@ -12,6 +12,7 @@ #include #include "base/win/windows_version.h" +#include "build/build_config.h" #include "sandbox/win/src/heap_helper.h" #include "sandbox/win/src/sandbox.h" #include "sandbox/win/src/sandbox_factory.h" @@ -208,7 +209,14 @@ TEST(LpcPolicyTest, TestCanFindCsrPortHeap) { EXPECT_NE(nullptr, csr_port_handle); } -TEST(LpcPolicyTest, TestHeapFlags) { +// Fails on Windows ARM64: https://crbug.com/905328 +#if defined(ARCH_CPU_ARM64) +#define MAYBE_TestHeapFlags DISABLED_TestHeapFlags +#else +#define MAYBE_TestHeapFlags TestHeapFlags +#endif + +TEST(LpcPolicyTest, MAYBE_TestHeapFlags) { if (!CsrssDisconnectSupported()) { // This functionality has not been verified on versions before Win10. return; diff --git a/sandbox/win/src/process_policy_test.cc b/sandbox/win/src/process_policy_test.cc index 46e739873d2557..8d5dcbe3fbe260 100644 --- a/sandbox/win/src/process_policy_test.cc +++ b/sandbox/win/src/process_policy_test.cc @@ -11,6 +11,7 @@ #include "base/win/scoped_handle.h" #include "base/win/scoped_process_information.h" #include "base/win/windows_version.h" +#include "build/build_config.h" #include "sandbox/win/src/process_thread_interception.h" #include "sandbox/win/src/sandbox.h" #include "sandbox/win/src/sandbox_factory.h" 
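Review bot: In lpc_policy_test.cc, the comment above `MAYBE_TestHeapFlags` is only a bug link, so nothing in the file says what fails on ARM64 or when the test can be re-enabled; the same applies to `MAYBE_CreateProcessCrashy` in process_policy_test.cc and `MAYBE_BaselineAvicapDll` in unload_dll_test.cc. While they are disabled, the sandbox behaviour these tests cover goes unchecked on ARM64, the architecture this change adds interception code for. I would write each as `// TODO(crbug.com/905328): Fails on Windows ARM64; re-enable once <cause> is fixed.`, with the cause filled in and each test's own bug number. The last two tests both cite crbug.com/905526 although they appear to exercise different things, so it is worth confirming that link is right for both. The body of `TestHeapFlags` continues outside the hunk.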
@@ -419,7 +420,13 @@ TEST(ProcessPolicyTest, CreateProcessAW) { } // Tests that the broker correctly handles a process crashing within the job. -TEST(ProcessPolicyTest, CreateProcessCrashy) { +// Fails on Windows ARM64: https://crbug.com/905526 +#if defined(ARCH_CPU_ARM64) +#define MAYBE_CreateProcessCrashy DISABLED_CreateProcessCrashy +#else +#define MAYBE_CreateProcessCrashy CreateProcessCrashy +#endif +TEST(ProcessPolicyTest, MAYBE_CreateProcessCrashy) { TestRunner runner; EXPECT_EQ(static_cast(STATUS_BREAKPOINT), runner.RunTest(L"Process_Crash")); diff --git a/sandbox/win/src/resolver_64.cc b/sandbox/win/src/resolver_64.cc index 19c4ec7604d983..c6c8868832ff2c 100644 --- a/sandbox/win/src/resolver_64.cc +++ b/sandbox/win/src/resolver_64.cc @@ -14,6 +14,8 @@ namespace { +#if defined(_M_X64) + const USHORT kMovRax = 0xB848; const USHORT kJmpRax = 0xe0ff; @@ -36,6 +38,32 @@ struct InternalThunk { }; #pragma pack(pop) +#elif defined(_M_ARM64) + +const ULONG kLdrX16Pc4 = 0x58000050; +const ULONG kBrX16 = 0xD61F0200; + +#pragma pack(push, 4) +struct InternalThunk { + // This struct contains roughly the following code: + // 00 58000050 ldr x16, pc+4 + // 04 D61F0200 br x16 + // 08 123456789ABCDEF0H + + InternalThunk() { + ldr_x16_pc4 = kLdrX16Pc4; + br_x16 = kBrX16; + interceptor_function = 0; + }; + ULONG ldr_x16_pc4; + ULONG br_x16; + ULONG_PTR interceptor_function; +}; +#pragma pack(pop) +#else +#error "Unsupported Windows 64-bit Arch" +#endif + } // namespace. namespace sandbox { diff --git a/sandbox/win/src/sandbox_nt_util.h b/sandbox/win/src/sandbox_nt_util.h index 85743e72aea9ba..08880d192995e1 100644 --- a/sandbox/win/src/sandbox_nt_util.h +++ b/sandbox/win/src/sandbox_nt_util.h @@ -60,7 +60,7 @@ void __cdecl operator delete(void* memory, namespace sandbox { -#if defined(_M_X64) +#if defined(_M_X64) || defined(_M_ARM64) #pragma intrinsic(_InterlockedCompareExchange) #pragma intrinsic(_InterlockedCompareExchangePointer) 
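Review bot: In resolver_64.cc, the ARM64 `InternalThunk` comment and the constant name `kLdrX16Pc4` describe the load as `pc+4`, but `0x58000050` encodes an LDR (literal) with imm19 = 2, which loads from the instruction's own address plus 8. That is where `interceptor_function` sits at offset 08, so the code and the layout agree and only the description is off; anyone auditing or extending the thunk would read the wrong offset. I would change the comment line to `// 00 58000050 ldr x16, #8   ; loads the 64-bit target stored at offset 08` and consider renaming the constant to match. The `};` that closes the constructor also carries a stray semicolon.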
diff --git a/sandbox/win/src/service_resolver_64.cc b/sandbox/win/src/service_resolver_64.cc index 56af8ba8e0193c..23aaed8d9c1261 100644 --- a/sandbox/win/src/service_resolver_64.cc +++ b/sandbox/win/src/service_resolver_64.cc @@ -12,6 +12,7 @@ #include "sandbox/win/src/win_utils.h" namespace { +#if defined(_M_X64) #pragma pack(push, 1) const ULONG kMmovR10EcxMovEax = 0xB8D18B4C; @@ -129,6 +130,44 @@ bool IsServiceWithInt2E(const void* source) { kRet == service->ret && kRet == service->ret2); } +bool IsAnyService(const void* source) { + return IsService(source) || IsServiceW8(source) || IsServiceWithInt2E(source); +} + +#elif defined(_M_ARM64) +#pragma pack(push, 4) + +const ULONG kSvc = 0xD4000001; +const ULONG kRetNp = 0xD65F03C0; +const ULONG kServiceIdMask = 0x001FFFE0; + +struct ServiceEntry { + ULONG svc; + ULONG ret; + ULONG64 unused; +}; + +struct ServiceFullThunk { + ServiceEntry original; +}; + +#pragma pack(pop) + +bool IsService(const void* source) { + const ServiceEntry* service = reinterpret_cast(source); + + return (kSvc == (service->svc & ~kServiceIdMask) && kRetNp == service->ret && + 0 == service->unused); +} + +bool IsAnyService(const void* source) { + return IsService(source); +} + +#else +#error "Unsupported Windows 64-bit Arch" +#endif + }; // namespace namespace sandbox { @@ -201,8 +240,7 @@ bool ServiceResolverThunk::IsFunctionAService(void* local_thunk) const { if (sizeof(function_code) != read) return false; - if (!IsService(&function_code) && !IsServiceW8(&function_code) && - !IsServiceWithInt2E(&function_code)) + if (!IsAnyService(&function_code)) return false; // Save the verified code. diff --git a/sandbox/win/src/unload_dll_test.cc b/sandbox/win/src/unload_dll_test.cc index dbb876fba1e840..0acb178987f60b 100644 --- a/sandbox/win/src/unload_dll_test.cc +++ b/sandbox/win/src/unload_dll_test.cc 
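Review bot: In service_resolver_64.cc, the ARM64 `ServiceEntry` and `IsService` pair carries no description of the stub it expects, so the meaning of `kServiceIdMask` and of the `0 == service->unused` test has to be worked out from the constants. As written, the check accepts `svc #imm16` (the mask clears the immediate in bits 5–20), then `ret`, then eight zero bytes. The last condition presumably relies on padding after each stub; that should be stated, because a change in that layout would make every function fail the check. I would add above the struct `// 00 d4000001 | imm16<<5   svc #<service id>`, `// 04 d65f03c0   ret` and `// 08 eight bytes, expected to be zero padding`.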
@@ -3,6 +3,7 @@ // found in the LICENSE file. #include "base/win/scoped_handle.h" +#include "build/build_config.h" #include "sandbox/win/src/sandbox.h" #include "sandbox/win/src/sandbox_factory.h" #include "sandbox/win/src/target_services.h" @@ -40,7 +41,13 @@ SBOX_TESTS_COMMAND int SimpleOpenEvent(int argc, wchar_t** argv) { return event_open.Get() ? SBOX_TEST_SUCCEEDED : SBOX_TEST_FAILED; } -TEST(UnloadDllTest, BaselineAvicapDll) { +// Fails on Windows ARM64: https://crbug.com/905526 +#if defined(ARCH_CPU_ARM64) +#define MAYBE_BaselineAvicapDll DISABLED_BaselineAvicapDll +#else +#define MAYBE_BaselineAvicapDll BaselineAvicapDll +#endif +TEST(UnloadDllTest, MAYBE_BaselineAvicapDll) { TestRunner runner; runner.SetTestState(BEFORE_REVERT); runner.SetTimeout(2000);