// Copyright 2010 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "base/win/wmi.h"
#include <objbase.h>
#include <windows.h>
#include <stdint.h>
#include <string_view>
#include <utility>
#include "base/location.h"
#include "base/no_destructor.h"
#include "base/strings/string_util.h"
#include "base/strings/utf_string_conversions.h"
#include "base/threading/scoped_thread_priority.h"
#include "base/win/scoped_bstr.h"
#include "base/win/scoped_variant.h"
using Microsoft::WRL::ComPtr;
namespace base {
namespace win {
const wchar_t kCimV2ServerName[] = L"ROOT\\CIMV2";
const wchar_t kSecurityCenter2ServerName[] = L"ROOT\\SecurityCenter2";
namespace {
constexpr wchar_t kSerialNumberQuery[] = L"SELECT SerialNumber FROM Win32_Bios";
// Instantiates `wmi_services` with a connection to `server_name` in WMI. Will
// set a security blanket if `set_blanket` is true.
std::optional<WmiError> CreateLocalWmiConnection(
bool set_blanket,
const std::wstring& server_name,
ComPtr<IWbemServices>* wmi_services) {
DCHECK(wmi_services);
ComPtr<IWbemLocator> wmi_locator;
HRESULT hr =
::CoCreateInstance(CLSID_WbemLocator, nullptr, CLSCTX_INPROC_SERVER,
IID_PPV_ARGS(&wmi_locator));
if (FAILED(hr))
return WmiError::kFailedToCreateInstance;
ComPtr<IWbemServices> wmi_services_r;
hr = wmi_locator->ConnectServer(base::win::ScopedBstr(server_name).Get(),
nullptr, nullptr, nullptr, 0, nullptr,
nullptr, &wmi_services_r);
if (FAILED(hr))
return WmiError::kFailedToConnectToWMI;
if (set_blanket) {
hr = ::CoSetProxyBlanket(wmi_services_r.Get(), RPC_C_AUTHN_WINNT,
RPC_C_AUTHZ_NONE, nullptr, RPC_C_AUTHN_LEVEL_CALL,
RPC_C_IMP_LEVEL_IMPERSONATE, nullptr, EOAC_NONE);
if (FAILED(hr))
return WmiError::kFailedToSetSecurityBlanket;
}
*wmi_services = std::move(wmi_services_r);
return std::nullopt;
}
// Runs `query` through `wmi_services` and sets the results' `enumerator`.
bool TryRunQuery(const std::wstring& query,
const ComPtr<IWbemServices>& wmi_services,
ComPtr<IEnumWbemClassObject>* enumerator) {
DCHECK(enumerator);
base::win::ScopedBstr query_language(L"WQL");
base::win::ScopedBstr query_bstr(query);
ComPtr<IEnumWbemClassObject> enumerator_r;
HRESULT hr = wmi_services->ExecQuery(
query_language.Get(), query_bstr.Get(),
WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY, nullptr,
&enumerator_r);
if (FAILED(hr))
return false;
*enumerator = std::move(enumerator_r);
return true;
}
} // namespace
std::optional<WmiError> RunWmiQuery(const std::wstring& server_name,
const std::wstring& query,
ComPtr<IEnumWbemClassObject>* enumerator) {
SCOPED_MAY_LOAD_LIBRARY_AT_BACKGROUND_PRIORITY();
DCHECK(enumerator);
ComPtr<IWbemServices> wmi_services;
auto error = CreateLocalWmiConnection(/*set_blanket=*/true, server_name,
&wmi_services);
if (error.has_value())
return error;
if (!TryRunQuery(query, wmi_services, enumerator))
return WmiError::kFailedToExecWMIQuery;
return std::nullopt;
}
bool CreateLocalWmiConnection(bool set_blanket,
ComPtr<IWbemServices>* wmi_services) {
// Mitigate the issues caused by loading DLLs on a background thread
// (http://crbug/973868).
SCOPED_MAY_LOAD_LIBRARY_AT_BACKGROUND_PRIORITY();
auto error =
CreateLocalWmiConnection(set_blanket, kCimV2ServerName, wmi_services);
return !error.has_value();
}
ComPtr<IWbemServices> CreateWmiConnection(bool set_blanket,
const std::wstring& resource) {
// Mitigate the issues caused by loading DLLs on a background thread
// (http://crbug/973868).
SCOPED_MAY_LOAD_LIBRARY_AT_BACKGROUND_PRIORITY();
ComPtr<IWbemServices> wmi_services = nullptr;
auto error = CreateLocalWmiConnection(set_blanket, resource, &wmi_services);
if (error.has_value())
return nullptr;
return wmi_services;
}
bool CreateWmiClassMethodObject(IWbemServices* wmi_services,
std::wstring_view class_name,
std::wstring_view method_name,
ComPtr<IWbemClassObject>* class_instance) {
// We attempt to instantiate a COM object that represents a WMI object plus
// a method rolled into one entity.
ScopedBstr b_class_name(class_name);
ScopedBstr b_method_name(method_name);
ComPtr<IWbemClassObject> class_object;
HRESULT hr;
hr = wmi_services->GetObject(b_class_name.Get(), 0, nullptr, &class_object,
nullptr);
if (FAILED(hr))
return false;
ComPtr<IWbemClassObject> params_def;
hr = class_object->GetMethod(b_method_name.Get(), 0, ¶ms_def, nullptr);
if (FAILED(hr))
return false;
if (!params_def.Get()) {
// You hit this special case if the WMI class is not a CIM class. MSDN
// sometimes tells you this. Welcome to WMI hell.
return false;
}
hr = params_def->SpawnInstance(0, &(*class_instance));
return SUCCEEDED(hr);
}
// The code in Launch() basically calls the Create Method of the Win32_Process
// CIM class is documented here:
// http://msdn2.microsoft.com/en-us/library/aa389388(VS.85).aspx
// NOTE: The documentation for the Create method suggests that the ProcessId
// parameter and return value are of type uint32_t, but when we call the method
// the values in the returned out_params, are VT_I4, which is int32_t.
bool WmiLaunchProcess(const std::wstring& command_line, int* process_id) {
ComPtr<IWbemServices> wmi_local;
if (!CreateLocalWmiConnection(true, &wmi_local))
return false;
static constexpr wchar_t class_name[] = L"Win32_Process";
static constexpr wchar_t method_name[] = L"Create";
ComPtr<IWbemClassObject> process_create;
if (!CreateWmiClassMethodObject(wmi_local.Get(), class_name, method_name,
&process_create)) {
return false;
}
ScopedVariant b_command_line(command_line.c_str());
if (FAILED(process_create->Put(L"CommandLine", 0, b_command_line.AsInput(),
0))) {
return false;
}
ComPtr<IWbemClassObject> out_params;
HRESULT hr = wmi_local->ExecMethod(
ScopedBstr(class_name).Get(), ScopedBstr(method_name).Get(), 0, nullptr,
process_create.Get(), &out_params, nullptr);
if (FAILED(hr))
return false;
// We're only expecting int32_t or uint32_t values, so no need for
// ScopedVariant.
VARIANT ret_value = {{{VT_EMPTY}}};
hr = out_params->Get(L"ReturnValue", 0, &ret_value, nullptr, nullptr);
if (FAILED(hr) || V_I4(&ret_value) != 0)
return false;
VARIANT pid = {{{VT_EMPTY}}};
hr = out_params->Get(L"ProcessId", 0, &pid, nullptr, nullptr);
if (FAILED(hr) || V_I4(&pid) == 0)
return false;
if (process_id)
*process_id = V_I4(&pid);
return true;
}
// static
WmiComputerSystemInfo WmiComputerSystemInfo::Get() {
static const base::NoDestructor<WmiComputerSystemInfo> static_info([] {
WmiComputerSystemInfo info;
ComPtr<IEnumWbemClassObject> enumerator_bios;
auto error =
RunWmiQuery(kCimV2ServerName, kSerialNumberQuery, &enumerator_bios);
if (!error.has_value())
info.PopulateSerialNumber(enumerator_bios);
return info;
}());
return *static_info;
}
void WmiComputerSystemInfo::PopulateSerialNumber(
const ComPtr<IEnumWbemClassObject>& enumerator_bios) {
ComPtr<IWbemClassObject> class_obj;
ULONG items_returned = 0;
HRESULT hr =
enumerator_bios->Next(WBEM_INFINITE, 1, &class_obj, &items_returned);
if (FAILED(hr) || !items_returned)
return;
ScopedVariant serial_number;
hr = class_obj->Get(L"SerialNumber", 0, serial_number.Receive(), nullptr,
nullptr);
if (SUCCEEDED(hr) && serial_number.type() == VT_BSTR) {
serial_number_.assign(V_BSTR(serial_number.ptr()),
::SysStringLen(V_BSTR(serial_number.ptr())));
}
}
} // namespace win
} // namespace base
Codebase Browser
chromium