--- include/winbase.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/winbase.h b/include/winbase.h index 667df965d6..aa57dae818 100644 --- a/include/winbase.h +++ b/include/winbase.h @@ -1683,7 +1683,7 @@ typedef enum _PROC_THREAD_ATTRIBUTE_NUM #define PROC_THREAD_ATTRIBUTE_GROUP_AFFINITY (ProcThreadAttributeGroupAffinity | PROC_THREAD_ATTRIBUTE_THREAD | PROC_THREAD_ATTRIBUTE_INPUT) #define PROC_THREAD_ATTRIBUTE_IDEAL_PROCESSOR (ProcThreadAttributeIdealProcessor | PROC_THREAD_ATTRIBUTE_THREAD | PROC_THREAD_ATTRIBUTE_INPUT) #define PROC_THREAD_ATTRIBUTE_UMS_THREAD (ProcThreadAttributeUmsThread | PROC_THREAD_ATTRIBUTE_THREAD | PROC_THREAD_ATTRIBUTE_INPUT) -#define PROC_THREAD_ATTRIBUTE_MIGITATION_POLICY (ProcThreadAttributeMitigationPolicy | PROC_THREAD_ATTRIBUTE_INPUT) +#define PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY (ProcThreadAttributeMitigationPolicy | PROC_THREAD_ATTRIBUTE_INPUT) #define PROC_THREAD_ATTRIBUTE_SECURITY_CAPABILITIES (ProcThreadAttributeSecurityCapabilities | PROC_THREAD_ATTRIBUTE_INPUT) #define PROC_THREAD_ATTRIBUTE_PROTECTION_LEVEL (ProcThreadAttributeProtectionLevel | PROC_THREAD_ATTRIBUTE_INPUT) #define PROC_THREAD_ATTRIBUTE_JOB_LIST (ProcThreadAttributeJobList | PROC_THREAD_ATTRIBUTE_INPUT)
This is needed by x64 chromium sandbox for >= win10.
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=45644 Signed-off-by: Fabian Maurer dark.shadow4@web.de --- dlls/kernel32/process.c | 9 +++++++++ 1 file changed, 9 insertions(+)
diff --git a/dlls/kernel32/process.c b/dlls/kernel32/process.c index 1a303c58e1..e8315769e2 100644 --- a/dlls/kernel32/process.c +++ b/dlls/kernel32/process.c @@ -4216,8 +4216,17 @@ BOOL WINAPI UpdateProcThreadAttribute(struct _PROC_THREAD_ATTRIBUTE_LIST *list, } break;
+ case PROC_THREAD_ATTRIBUTE_CHILD_PROCESS_POLICY: + if (size != sizeof(DWORD) && size != sizeof(DWORD64)) + { + SetLastError(ERROR_BAD_LENGTH); + return FALSE; + } + break; + default: SetLastError(ERROR_NOT_SUPPORTED); + FIXME("Unhandled attribute number %lu\n", attr & PROC_THREAD_ATTRIBUTE_NUMBER); return FALSE; }
needed for x32 win7 chrome and chromium
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=45648 Signed-off-by: Fabian Maurer dark.shadow4@web.de --- dlls/kernel32/process.c | 8 ++++++++ 1 file changed, 8 insertions(+)
diff --git a/dlls/kernel32/process.c b/dlls/kernel32/process.c index e8315769e2..643bc15b47 100644 --- a/dlls/kernel32/process.c +++ b/dlls/kernel32/process.c @@ -4224,6 +4224,14 @@ BOOL WINAPI UpdateProcThreadAttribute(struct _PROC_THREAD_ATTRIBUTE_LIST *list, } break;
+ case PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY: + if (size != sizeof(DWORD) && size != sizeof(DWORD64) && size != sizeof(DWORD64) * 2) + { + SetLastError(ERROR_BAD_LENGTH); + return FALSE; + } + break; + default: SetLastError(ERROR_NOT_SUPPORTED); FIXME("Unhandled attribute number %lu\n", attr & PROC_THREAD_ATTRIBUTE_NUMBER);
This is required by chromium x64 sandbox >=win8 chrome for some reason is not affected
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=45646 Signed-off-by: Fabian Maurer dark.shadow4@web.de --- dlls/ntdll/misc.c | 9 +++++++++ dlls/ntdll/ntdll.spec | 1 + 2 files changed, 10 insertions(+)
diff --git a/dlls/ntdll/misc.c b/dlls/ntdll/misc.c index 7ccaa0ed7f..ca6029b847 100644 --- a/dlls/ntdll/misc.c +++ b/dlls/ntdll/misc.c @@ -492,3 +492,12 @@ void WINAPI DbgUiRemoteBreakin( void *arg ) { FIXME("stub\n"); } + +NTSTATUS WINAPI NtCreateLowBoxToken(HANDLE *token_handle, HANDLE existing_token_handle, ACCESS_MASK desired_access, + OBJECT_ATTRIBUTES *object_attributes, SID *package_sid, ULONG capability_count, + SID_AND_ATTRIBUTES *capabilities, ULONG handle_count, HANDLE *handle) +{ + /* We need to return a NULL handle since later it will be passed to CloseHandle and that must not fail */ + *token_handle = NULL; + return STATUS_SUCCESS; +} diff --git a/dlls/ntdll/ntdll.spec b/dlls/ntdll/ntdll.spec index d321c44d4f..003e4f9d00 100644 --- a/dlls/ntdll/ntdll.spec +++ b/dlls/ntdll/ntdll.spec @@ -142,6 +142,7 @@ @ stdcall NtCreateKey(ptr long ptr long ptr long ptr) @ stdcall NtCreateKeyTransacted(ptr long ptr long ptr long long ptr) @ stdcall NtCreateKeyedEvent(ptr long ptr long) +@ stdcall NtCreateLowBoxToken(ptr long long ptr ptr long ptr long ptr) @ stdcall NtCreateMailslotFile(ptr long ptr ptr long long long ptr) @ stdcall NtCreateMutant(ptr long ptr long) @ stdcall NtCreateNamedPipeFile(ptr long ptr ptr long long long long long long long long long ptr)
Hi Fabian
On 16/08/18 15:01, Fabian Maurer wrote:
This is required by chromium x64 sandbox >=win8 chrome for some reason is not affected
+NTSTATUS WINAPI NtCreateLowBoxToken(HANDLE *token_handle, HANDLE existing_token_handle, ACCESS_MASK desired_access,
OBJECT_ATTRIBUTES *object_attributes, SID *package_sid, ULONG capability_count,SID_AND_ATTRIBUTES *capabilities, ULONG handle_count, HANDLE *handle)+{
- /* We need to return a NULL handle since later it will be passed to CloseHandle and that must not fail */
- *token_handle = NULL;
- return STATUS_SUCCESS;
+}
Your missing a FIXME.
Regards Alistair.
-
Alistair Leslie-Hughes -
Fabian Maurer