| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/callback.h" | 5 #include "base/callback.h" |
| 6 #include "base/logging.h" | 6 #include "base/logging.h" |
| 7 #include "base/memory/scoped_ptr.h" | 7 #include "base/memory/scoped_ptr.h" |
| 8 #include "sandbox/win/src/sharedmem_ipc_server.h" | 8 #include "sandbox/win/src/sharedmem_ipc_server.h" |
| 9 #include "sandbox/win/src/sharedmem_ipc_client.h" | 9 #include "sandbox/win/src/sharedmem_ipc_client.h" |
| 10 #include "sandbox/win/src/sandbox.h" | 10 #include "sandbox/win/src/sandbox.h" |
| 11 #include "sandbox/win/src/sandbox_types.h" | 11 #include "sandbox/win/src/sandbox_types.h" |
| 12 #include "sandbox/win/src/crosscall_params.h" | 12 #include "sandbox/win/src/crosscall_params.h" |
| 13 #include "sandbox/win/src/crosscall_server.h" | 13 #include "sandbox/win/src/crosscall_server.h" |
| 14 | 14 |
| 15 namespace { | 15 namespace { |
| 16 // This handle must not be closed. | 16 // This handle must not be closed. |
| 17 volatile HANDLE g_alive_mutex = NULL; | 17 volatile HANDLE g_alive_mutex = NULL; |
| 18 } | 18 } |
| 19 | 19 |
| 20 namespace sandbox { | 20 namespace sandbox { |
| 21 | 21 |
| 22 SharedMemIPCServer::SharedMemIPCServer(HANDLE target_process, | 22 SharedMemIPCServer::SharedMemIPCServer(HANDLE target_process, |
| 23 DWORD target_process_id, | 23 DWORD target_process_id, |
| 24 HANDLE target_job, | |
| 25 ThreadProvider* thread_provider, | 24 ThreadProvider* thread_provider, |
| 26 Dispatcher* dispatcher) | 25 Dispatcher* dispatcher) |
| 27 : client_control_(NULL), | 26 : client_control_(NULL), |
| 28 thread_provider_(thread_provider), | 27 thread_provider_(thread_provider), |
| 29 target_process_(target_process), | 28 target_process_(target_process), |
| 30 target_process_id_(target_process_id), | 29 target_process_id_(target_process_id), |
| 31 target_job_object_(target_job), | |
| 32 call_dispatcher_(dispatcher) { | 30 call_dispatcher_(dispatcher) { |
| 33 // We create a initially owned mutex. If the server dies unexpectedly, | 31 // We create a initially owned mutex. If the server dies unexpectedly, |
| 34 // the thread that owns it will fail to release the lock and windows will | 32 // the thread that owns it will fail to release the lock and windows will |
| 35 // report to the target (when it tries to acquire it) that the wait was | 33 // report to the target (when it tries to acquire it) that the wait was |
| 36 // abandoned. Note: We purposely leak the local handle because we want it to | 34 // abandoned. Note: We purposely leak the local handle because we want it to |
| 37 // be closed by Windows itself so it is properly marked as abandoned if the | 35 // be closed by Windows itself so it is properly marked as abandoned if the |
| 38 // server dies. | 36 // server dies. |
| 39 if (!g_alive_mutex) { | 37 if (!g_alive_mutex) { |
| 40 HANDLE mutex = ::CreateMutexW(NULL, TRUE, NULL); | 38 HANDLE mutex = ::CreateMutexW(NULL, TRUE, NULL); |
| 41 if (::InterlockedCompareExchangePointer(&g_alive_mutex, mutex, NULL)) { | 39 if (::InterlockedCompareExchangePointer(&g_alive_mutex, mutex, NULL)) { |
| (...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 104 if (!MakeEvents(&service_context->ping_event, | 102 if (!MakeEvents(&service_context->ping_event, |
| 105 &service_context->pong_event, | 103 &service_context->pong_event, |
| 106 &client_context->ping_event, | 104 &client_context->ping_event, |
| 107 &client_context->pong_event)) { | 105 &client_context->pong_event)) { |
| 108 return false; | 106 return false; |
| 109 } | 107 } |
| 110 | 108 |
| 111 client_context->channel_base = base_start; | 109 client_context->channel_base = base_start; |
| 112 client_context->state = kFreeChannel; | 110 client_context->state = kFreeChannel; |
| 113 | 111 |
| 114 // Note that some of these values are available as members of this | 112 // Note that some of these values are available as members of this object |
| 115 // object but we put them again into the service_context because we | 113 // but we put them again into the service_context because we will be called |
| 116 // will be called on a static method (ThreadPingEventReady) | 114 // on a static method (ThreadPingEventReady). In particular, target_process_ |
| 115 // is a raw handle that is not owned by this object (it's owned by the |
| 116 // owner of this object), and we are storing it in multiple places. |
| 117 service_context->shared_base = reinterpret_cast<char*>(shared_mem); | 117 service_context->shared_base = reinterpret_cast<char*>(shared_mem); |
| 118 service_context->channel_size = channel_size; | 118 service_context->channel_size = channel_size; |
| 119 service_context->channel = client_context; | 119 service_context->channel = client_context; |
| 120 service_context->channel_buffer = service_context->shared_base + | 120 service_context->channel_buffer = service_context->shared_base + |
| 121 client_context->channel_base; | 121 client_context->channel_base; |
| 122 service_context->dispatcher = call_dispatcher_; | 122 service_context->dispatcher = call_dispatcher_; |
| 123 service_context->target_info.process = target_process_; | 123 service_context->target_info.process = target_process_; |
| 124 service_context->target_info.process_id = target_process_id_; | 124 service_context->target_info.process_id = target_process_id_; |
| 125 service_context->target_info.job_object = target_job_object_; | |
| 126 // Advance to the next channel. | 125 // Advance to the next channel. |
| 127 base_start += channel_size; | 126 base_start += channel_size; |
| 128 // Register the ping event with the threadpool. | 127 // Register the ping event with the threadpool. |
| 129 thread_provider_->RegisterWait(this, service_context->ping_event, | 128 thread_provider_->RegisterWait(this, service_context->ping_event, |
| 130 ThreadPingEventReady, service_context); | 129 ThreadPingEventReady, service_context); |
| 131 } | 130 } |
| 132 if (!::DuplicateHandle(::GetCurrentProcess(), g_alive_mutex, | 131 if (!::DuplicateHandle(::GetCurrentProcess(), g_alive_mutex, |
| 133 target_process_, &client_control_->server_alive, | 132 target_process_, &client_control_->server_alive, |
| 134 SYNCHRONIZE | EVENT_MODIFY_STATE, FALSE, 0)) { | 133 SYNCHRONIZE | EVENT_MODIFY_STATE, FALSE, 0)) { |
| 135 return false; | 134 return false; |
| (...skipping 278 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 414 } | 413 } |
| 415 *server_pong = ::CreateEventW(NULL, FALSE, FALSE, NULL); | 414 *server_pong = ::CreateEventW(NULL, FALSE, FALSE, NULL); |
| 416 if (!::DuplicateHandle(::GetCurrentProcess(), *server_pong, target_process_, | 415 if (!::DuplicateHandle(::GetCurrentProcess(), *server_pong, target_process_, |
| 417 client_pong, kDesiredAccess, FALSE, 0)) { | 416 client_pong, kDesiredAccess, FALSE, 0)) { |
| 418 return false; | 417 return false; |
| 419 } | 418 } |
| 420 return true; | 419 return true; |
| 421 } | 420 } |
| 422 | 421 |
| 423 } // namespace sandbox | 422 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1227863003:
Sandbox: Remove job_object from (IPCInfo::)ClientInfo. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master