Skip to content

Commit

Permalink
Fix startup issues (microsoft#3795)
Browse files Browse the repository at this point in the history
  • Loading branch information
timkur authored Sep 6, 2024
1 parent d1a767f commit 0f712ec
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 16 deletions.
33 changes: 21 additions & 12 deletions service/DevHome.Service/ComHelpers.cs
Original file line number Diff line number Diff line change
Expand Up @@ -5,12 +5,14 @@
using System.Runtime.InteropServices;
using System.Runtime.InteropServices.Marshalling;
using System.Security.Principal;
using Microsoft.Win32.SafeHandles;
using Windows.ApplicationModel;
using Windows.Win32;
using Windows.Win32.Foundation;
using Windows.Win32.Security;
using Windows.Win32.System.Com;
using Windows.Win32.System.Rpc;
using Windows.Win32.System.Threading;

namespace DevHome.Service;

Expand Down Expand Up @@ -45,10 +47,10 @@ public static void InitializeSecurity()
}
}

public static void VerifyCaller()
public static void VerifyCaller(Process caller)
{
VerifyCallerIsInTheSameDirectory();
VerifyCallerIsFromTheSamePackage();
VerifyCallerIsFromTheSamePackage(caller);
VerifyCallerIsInTheSameDirectory(caller);
}

public static Process GetClientProcess()
Expand All @@ -68,10 +70,8 @@ public static Process GetClientProcess()
}
}

public static void VerifyCallerIsInTheSameDirectory()
public static void VerifyCallerIsInTheSameDirectory(Process callerProcess)
{
Process callerProcess = GetClientProcess();

FileInfo callerFileInfo = new FileInfo(callerProcess.MainModule?.FileName ?? string.Empty);
FileInfo serverFileInfo = new FileInfo(Process.GetCurrentProcess().MainModule?.FileName ?? string.Empty);

Expand All @@ -88,22 +88,33 @@ public static void VerifyCallerIsInTheSameDirectory()
// Our caller is in the same directory that we are
}

public static void VerifyCallerIsFromTheSamePackage()
public static void VerifyCallerIsFromTheSamePackage(Process caller)
{
unsafe
{
string devHomeServicePackage = Package.Current.Id.FullName;
PInvoke.CoImpersonateClient().ThrowOnFailure();

WindowsIdentity identity = WindowsIdentity.GetCurrent();
SafeProcessHandle h = new(PInvoke.OpenProcess(PROCESS_ACCESS_RIGHTS.PROCESS_QUERY_LIMITED_INFORMATION, false, (uint)caller.Id), true);

if (h.IsInvalid)
{
throw new UnauthorizedAccessException();
}

bool f = PInvoke.OpenProcessToken(h, TOKEN_ACCESS_MASK.TOKEN_QUERY, out SafeFileHandle token);

if (!f || token.IsInvalid)
{
throw new UnauthorizedAccessException();
}

Span<char> outputBuffer = new char[10000];
uint packageFullNameLength = 10000;

fixed (char* outBufferPointer = outputBuffer)
{
var callerPackageName = new PWSTR(outBufferPointer);
var res = PInvoke.GetPackageFullNameFromToken(identity.AccessToken, ref packageFullNameLength, callerPackageName);
var res = PInvoke.GetPackageFullNameFromToken(token, ref packageFullNameLength, callerPackageName);
var callerPackageNameString = new string(callerPackageName);

if (res != WIN32_ERROR.ERROR_SUCCESS || !devHomeServicePackage.Equals(callerPackageNameString, StringComparison.Ordinal))
Expand All @@ -112,8 +123,6 @@ public static void VerifyCallerIsFromTheSamePackage()
}
}

PInvoke.CoRevertToSelf();

// We're running with the same package identity
}
}
Expand Down
7 changes: 5 additions & 2 deletions service/DevHome.Service/DevHomeService.cs
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT License.

using System.Diagnostics;
using System.Runtime.InteropServices;

namespace DevHome.Service.Runtime;
Expand All @@ -10,10 +11,12 @@ public class DevHomeService : IDevHomeService
{
public DevHomeService()
{
ComHelpers.VerifyCaller();
Process myCaller = ComHelpers.GetClientProcess();

ComHelpers.VerifyCaller(myCaller);

// Track our caller process
ServiceLifetimeController.RegisterProcess(ComHelpers.GetClientProcess());
ServiceLifetimeController.RegisterProcess(myCaller);
}

public int GetNumber()
Expand Down
4 changes: 2 additions & 2 deletions service/DevHome.Service/NativeMethods.txt
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
CoImpersonateClient
CoRevertToSelf
CoInitializeEx
CoInitializeSecurity
CoGetCallContext
CoRegisterClassObject
CoResumeClassObjects
GetPackageFullNameFromToken
I_RpcBindingInqLocalClientPID
OpenProcess
OpenProcessToken
CLASS_E_NOAGGREGATION
E_ACCESSDENIED
E_NOINTERFACE
Expand Down

0 comments on commit 0f712ec

Please sign in to comment.