| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/win/src/broker_services.h" | 5 #include "sandbox/win/src/broker_services.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "base/memory/scoped_ptr.h" | 8 #include "base/memory/scoped_ptr.h" |
| 9 #include "base/threading/platform_thread.h" | 9 #include "base/threading/platform_thread.h" |
| 10 #include "base/win/scoped_handle.h" | 10 #include "base/win/scoped_handle.h" |
| 11 #include "base/win/scoped_process_information.h" | 11 #include "base/win/scoped_process_information.h" |
| 12 #include "base/win/startup_information.h" |
| 12 #include "sandbox/win/src/sandbox_policy_base.h" | 13 #include "sandbox/win/src/sandbox_policy_base.h" |
| 13 #include "sandbox/win/src/sandbox.h" | 14 #include "sandbox/win/src/sandbox.h" |
| 14 #include "sandbox/win/src/target_process.h" | 15 #include "sandbox/win/src/target_process.h" |
| 15 #include "sandbox/win/src/win2k_threadpool.h" | 16 #include "sandbox/win/src/win2k_threadpool.h" |
| 16 #include "sandbox/win/src/win_utils.h" | 17 #include "sandbox/win/src/win_utils.h" |
| 17 | 18 |
| 18 namespace { | 19 namespace { |
| 19 | 20 |
| 20 // Utility function to associate a completion port to a job object. | 21 // Utility function to associate a completion port to a job object. |
| 21 bool AssociateCompletionPort(HANDLE job, HANDLE port, void* key) { | 22 bool AssociateCompletionPort(HANDLE job, HANDLE port, void* key) { |
| 305 | 306 |
| 306 HANDLE job_temp; | 307 HANDLE job_temp; |
| 307 win_result = policy_base->MakeJobObject(&job_temp); | 308 win_result = policy_base->MakeJobObject(&job_temp); |
| 308 base::win::ScopedHandle job(job_temp); | 309 base::win::ScopedHandle job(job_temp); |
| 309 if (ERROR_SUCCESS != win_result) | 310 if (ERROR_SUCCESS != win_result) |
| 310 return SBOX_ERROR_GENERIC; | 311 return SBOX_ERROR_GENERIC; |
| 311 | 312 |
| 312 if (ERROR_ALREADY_EXISTS == ::GetLastError()) | 313 if (ERROR_ALREADY_EXISTS == ::GetLastError()) |
| 313 return SBOX_ERROR_GENERIC; | 314 return SBOX_ERROR_GENERIC; |
| 314 | 315 |
| 316 // Initialize the startup information from the policy. |
| 317 base::win::StartupInformation startup_info; |
| 318 string16 desktop = policy_base->GetAlternateDesktop(); |
| 319 if (!desktop.empty()) { |
| 320 startup_info.startup_info()->lpDesktop = |
| 321 const_cast<wchar_t*>(desktop.c_str()); |
| 322 } |
| 323 |
| 315 // Construct the thread pool here in case it is expensive. | 324 // Construct the thread pool here in case it is expensive. |
| 316 // The thread pool is shared by all the targets | 325 // The thread pool is shared by all the targets |
| 317 if (NULL == thread_pool_) | 326 if (NULL == thread_pool_) |
| 318 thread_pool_ = new Win2kThreadPool(); | 327 thread_pool_ = new Win2kThreadPool(); |
| 319 | 328 |
| 320 // Create the TargetProces object and spawn the target suspended. Note that | 329 // Create the TargetProces object and spawn the target suspended. Note that |
| 321 // Brokerservices does not own the target object. It is owned by the Policy. | 330 // Brokerservices does not own the target object. It is owned by the Policy. |
| 322 base::win::ScopedProcessInformation process_info; | 331 base::win::ScopedProcessInformation process_info; |
| 323 TargetProcess* target = new TargetProcess(initial_token.Take(), | 332 TargetProcess* target = new TargetProcess(initial_token.Take(), |
| 324 lockdown_token.Take(), | 333 lockdown_token.Take(), |
| 325 job, | 334 job, |
| 326 thread_pool_); | 335 thread_pool_); |
| 327 | 336 |
| 328 std::wstring desktop = policy_base->GetAlternateDesktop(); | |
| 329 | |
| 330 win_result = target->Create(exe_path, command_line, | 337 win_result = target->Create(exe_path, command_line, |
| 331 desktop.empty() ? NULL : desktop.c_str(), | 338 startup_info, &process_info); |
| 332 &process_info); | |
| 333 if (ERROR_SUCCESS != win_result) | 339 if (ERROR_SUCCESS != win_result) |
| 334 return SpawnCleanup(target, win_result); | 340 return SpawnCleanup(target, win_result); |
| 335 | 341 |
| 336 // Now the policy is the owner of the target. | 342 // Now the policy is the owner of the target. |
| 337 if (!policy_base->AddTarget(target)) { | 343 if (!policy_base->AddTarget(target)) { |
| 338 return SpawnCleanup(target, 0); | 344 return SpawnCleanup(target, 0); |
| 339 } | 345 } |
| 340 | 346 |
| 341 // We are going to keep a pointer to the policy because we'll call it when | 347 // We are going to keep a pointer to the policy because we'll call it when |
| 342 // the job object generates notifications using the completion port. | 348 // the job object generates notifications using the completion port. |
| 396 peer_map_.erase(peer->id); | 402 peer_map_.erase(peer->id); |
| 397 return SBOX_ERROR_GENERIC; | 403 return SBOX_ERROR_GENERIC; |
| 398 } | 404 } |
| 399 | 405 |
| 400 // Release the pointer since it will be cleaned up by the callback. | 406 // Release the pointer since it will be cleaned up by the callback. |
| 401 peer.release(); | 407 peer.release(); |
| 402 return SBOX_ALL_OK; | 408 return SBOX_ALL_OK; |
| 403 } | 409 } |
| 404 | 410 |
| 405 } // namespace sandbox | 411 } // namespace sandbox |
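Review bot: The lpDesktop assignment at new lines 319-322 makes startup_info alias the internal buffer of the local string desktop, so desktop must stay alive and unmodified until target->Create() returns; that holds today because both are locals of the same scope, but nothing records it, and a later refactor that moves the string or the assignment into a helper would hand a dangling pointer to process creation. I would add above new line 319: `// |desktop| owns the buffer lpDesktop points at; it must outlive the target->Create() call below.` The const_cast is needed only because STARTUPINFO::lpDesktop is a non-const LPTSTR, and a short comment stating that process creation does not write through it would spare the next reader the same check. The empty-desktop path now depends on base::win::StartupInformation leaving lpDesktop null where the old code passed NULL explicitly — presumably its constructor zero-fills the struct, but it is worth confirming, since a non-null value there changes which desktop the sandboxed target is created on. The enclosing function begins above the collapsed region and its end lies outside this hunk.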