[Bug 53981] New: Chromium broken sandbox due to GetSecurityInfo giving access denied
https://bugs.winehq.org/show_bug.cgi?id=53981 Bug ID: 53981 Summary: Chromium broken sandbox due to GetSecurityInfo giving access denied Product: Wine Version: 7.21 Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: -unknown Assignee: wine-bugs(a)winehq.org Reporter: dark.shadow4(a)web.de Distribution: --- Created attachment 73562 --> https://bugs.winehq.org/attachment.cgi?id=73562 Hack to make it run Chromium added some changes that break under wine. Bisected to https://github.com/chromium/chromium/commit/334d609732bfa22da7e5dd5e3543949c... Callstack: https://github.com/chromium/chromium/blob/334d609732bfa22da7e5dd5e3543949c94... broker_services.cc: ResultCode BrokerServicesBase::CreateAlternateDesktop(Desktop desktop) ResultCode result = alt_winstation_->Initialize(true); ResultCode result = alt_desktop_->Initialize(false); https://github.com/chromium/chromium/blob/334d609732bfa22da7e5dd5e3543949c94... alternate_desktop.cc: ResultCode AlternateDesktop::Initialize(bool alternate_winstation) ResultCode result = CreateAltWindowStation(&winstation_); https://github.com/chromium/chromium/blob/334d609732bfa22da7e5dd5e3543949c94... window.cc: ResultCode CreateAltWindowStation(HWINSTA* winsta) if (!GetSecurityAttributes(current_winsta, &attributes)) https://github.com/chromium/chromium/blob/334d609732bfa22da7e5dd5e3543949c94... window.cc: bool GetSecurityAttributes(HANDLE handle, SECURITY_ATTRIBUTES* attributes) GetSecurityInfo Then we enter "GetSecurityInfo" inside Wine. That calls into NtQuerySecurityObject And inside wineserver we call struct object *get_handle_obj( struct process *process, obj_handle_t handle, unsigned int access, const struct object_ops *ops ) which returns STATUS_ACCESS_DENIED Attaching a hack to remove that check, that makes chrome run. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=53981 Fabian Maurer <dark.shadow4(a)web.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |download URL| |https://www.googleapis.com/ | |download/storage/v1/b/chrom | |ium-browser-snapshots/o/Win | |%2F1061307%2Fchrome-win.zip | |?generation=166622888601081 | |9&alt=media -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=53981 Fabian Maurer <dark.shadow4(a)web.de> changed: What |Removed |Added ---------------------------------------------------------------------------- URL|https://www.googleapis.com/ |https://commondatastorage.g |download/storage/v1/b/chrom |oogleapis.com/chromium-brow |ium-browser-snapshots/o/Win |ser-snapshots/index.html?pr |%2F1061307%2Fchrome-win.zip |efix=Win/1061445/ |?generation=166622888601081 | |9&alt=media | --- Comment #1 from Fabian Maurer <dark.shadow4(a)web.de> --- Download chrome-win.zip -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=53981 --- Comment #2 from Fabian Maurer <dark.shadow4(a)web.de> --- The result is an immediate
[1126/030513.259:FATAL:sandbox.cc(62)] Check failed: result == SBOX_ALL_OK.
Later on it would crash to the chromium paging protection bug, but that doesn't matter for this issue. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=53981 Fabian Maurer <dark.shadow4(a)web.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |53983 -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=53981 --- Comment #3 from Dmitry Timoshkov <dmitry(a)baikal.ru> --- Created attachment 73615 --> https://bugs.winehq.org/attachment.cgi?id=73615 patch Attached patch set fixes this one and another similar bug. With these patches Chromium starts to create its main window, and faces another bunch of new problems. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=53981 --- Comment #4 from Fabian Maurer <dark.shadow4(a)web.de> --- A bunch of new problems? I'm only aware of https://bugs.winehq.org/show_bug.cgi?id=53983, what else did you find? -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=53981 --- Comment #5 from Dmitry Timoshkov <dmitry(a)baikal.ru> --- (In reply to Fabian Maurer from comment #4)
A bunch of new problems? I'm only aware of https://bugs.winehq.org/show_bug.cgi?id=53983, what else did you find?
Probably I was a bit confused by the wall of error messages in the debug.log and at the console. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=53981 Zhiyi Zhang <zzhang(a)codeweavers.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |zzhang(a)codeweavers.com Assignee|wine-bugs(a)winehq.org |zzhang(a)codeweavers.com -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=53981 --- Comment #6 from Zhiyi Zhang <zzhang(a)codeweavers.com> --- Thanks, I will add some tests and see if the patches can be upstreamed. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=53981 Zhiyi Zhang <zzhang(a)codeweavers.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Fixed by SHA1| |02e3e17b4dd62eb71d867d0140d | |3061de683ba29 Assignee|zzhang(a)codeweavers.com |wine-bugs(a)winehq.org Resolution|--- |FIXED --- Comment #7 from Zhiyi Zhang <zzhang(a)codeweavers.com> --- Fixed by 02e3e17b4dd62eb71d867d0140d3061de683ba29 -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=53981 Jactry Zeng <jactry92(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |1753904780(a)qq.com --- Comment #8 from Jactry Zeng <jactry92(a)gmail.com> --- *** Bug 54500 has been marked as a duplicate of this bug. *** -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=53981 Alexandre Julliard <julliard(a)winehq.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #9 from Alexandre Julliard <julliard(a)winehq.org> --- Closing bugs fixed in 8.5. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=53981 Michael Stefaniuc <mstefani(a)winehq.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mstefani(a)winehq.org Target Milestone|--- |8.0.x -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=53981 Michael Stefaniuc <mstefani(a)winehq.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|8.0.x |--- --- Comment #10 from Michael Stefaniuc <mstefani(a)winehq.org> --- Removing the 8.0.x milestone from bug fixes included in 8.0.1. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
participants (1)
-
WineHQ Bugzilla