sandbox/src/broker_services.cc - Issue 9960045: Add sandbox support for associating peer processes

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: sandbox/src/broker_services.cc

Issue 9960045: Add sandbox support for associating peer processes (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/

Patch Set: Created 8 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: sandbox/src/broker_services.cc

===================================================================

--- sandbox/src/broker_services.cc (revision 131361)

+++ sandbox/src/broker_services.cc (working copy)

@@ -92,6 +92,16 @@

::PostQueuedCompletionStatus(job_port_, 0, THREAD_CTRL_QUIT, FALSE);

::CloseHandle(job_port_);

+ { // Cancel the wait events for all the peers.

+ AutoLock lock(&lock_);

+ for (PeerTrackerMap::iterator it = peer_map_.begin();

+ it != peer_map_.end(); ++it) {

+ // This call terminates any running handlers.

+ ::UnregisterWaitEx(it->second->wait_object_, NULL);

+ delete it->second;

+ }

if (WAIT_TIMEOUT == ::WaitForSingleObject(job_thread_, 1000)) {

// Cannot clean broker services.

NOTREACHED();

@@ -312,7 +322,56 @@

bool BrokerServicesBase::IsActiveTarget(DWORD process_id) {

AutoLock lock(&lock_);

- return child_process_ids_.find(process_id) != child_process_ids_.end();

+ return child_process_ids_.find(process_id) != child_process_ids_.end() ||

+ peer_map_.find(process_id) != peer_map_.end();

}

+VOID CALLBACK BrokerServicesBase::RemovePeerData(PVOID parameter, BOOLEAN) {

+ DWORD process_id = reinterpret_cast<DWORD>(parameter);

+ BrokerServicesBase* broker = BrokerServicesBase::GetInstance();

+ PeerTracker* peer_data;

+ { // Hold the lock only during removal (since UregisterWaitEx can block).

+ AutoLock lock(&broker->lock_);

+ PeerTrackerMap::iterator it = broker->peer_map_.find(process_id);

+ peer_data = it->second;

+ broker->peer_map_.erase(it);

+ }

+ HANDLE wait_object = peer_data->wait_object_;

+ delete peer_data;

+ // This prevents us from terminating our own running handler.

+ ::UnregisterWaitEx(wait_object, INVALID_HANDLE_VALUE);

+ResultCode BrokerServicesBase::AddTargetPeer(HANDLE peer_process) {

+ DWORD process_id = ::GetProcessId(peer_process);

+ if (!process_id)

+ return SBOX_ERROR_GENERIC;

+ scoped_ptr<PeerTracker> peer(new PeerTracker);

+ if (!::DuplicateHandle(::GetCurrentProcess(), peer_process,

+ ::GetCurrentProcess(), peer->process_.Receive(),

+ SYNCHRONIZE, FALSE, 0)) {

+ return SBOX_ERROR_GENERIC;

+ }

+ AutoLock lock(&lock_);

+ if (!peer_map_.insert(std::make_pair(process_id, peer.get())).second)

+ return SBOX_ERROR_BAD_PARAMS;

+ if (!::RegisterWaitForSingleObject(&peer->wait_object_,

+ peer->process_, RemovePeerData,

+ reinterpret_cast<void*>(process_id),

+ INFINITE, WT_EXECUTEINWAITTHREAD |

+ WT_EXECUTEONLYONCE)) {

+ peer_map_.erase(process_id);

+ return SBOX_ERROR_GENERIC;

+ }

+ // Leak the pointer since it will be cleaned up by the callback.

+ peer.release();

+ return SBOX_ALL_OK;

} // namespace sandbox

« sandbox/src/broker_services.h ('K') | « sandbox/src/broker_services.h ('k') | sandbox/src/handle_policy_test.cc » ('j') | no next file with comments »