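--- a/sandbox/win/src/broker_services.cc
+++ b/sandbox/win/src/broker_services.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sandbox/win/src/broker_services.h"
 
 #include <AclAPI.h>
 
 #include "base/logging.h"
 #include "base/macros.h"
@@ -106,32 +106,20 @@
     delete peer;
   } else {
     NOTREACHED();
   }
 }
 
 }  // namespace
 
 namespace sandbox {
 
-// TODO(rvargas): Replace this structure with a std::pair of ScopedHandles.
-struct BrokerServicesBase::TokenPair {
-  TokenPair(base::win::ScopedHandle initial_token,
-         base::win::ScopedHandle lockdown_token)
-      : initial(initial_token.Pass()),
-        lockdown(lockdown_token.Pass()) {
-  }
-
-  base::win::ScopedHandle initial;
-  base::win::ScopedHandle lockdown;
-};
-
 BrokerServicesBase::BrokerServicesBase() : thread_pool_(NULL) {
 }
 
 // The broker uses a dedicated worker thread that services the job completion
 // port to perform policy notifications and associated cleanup tasks.
 ResultCode BrokerServicesBase::Init() {
   if (job_port_.IsValid() || (NULL != thread_pool_))
     return SBOX_ERROR_UNEXPECTED_CALL;
 
   ::InitializeCriticalSection(&lock_);
@@ -319,23 +307,25 @@
   // This downcast is safe as long as we control CreatePolicy()
   PolicyBase* policy_base = static_cast<PolicyBase*>(policy);
 
   if (policy_base->GetAppContainer() && policy_base->GetLowBoxSid())
     return SBOX_ERROR_BAD_PARAMS;
 
   // Construct the tokens and the job object that we are going to associate
   // with the soon to be created target process.
   base::win::ScopedHandle initial_token;
   base::win::ScopedHandle lockdown_token;
+  base::win::ScopedHandle lowbox_token;
   ResultCode result = SBOX_ALL_OK;
 
-  result = policy_base->MakeTokens(&initial_token, &lockdown_token);
+  result =
+      policy_base->MakeTokens(&initial_token, &lockdown_token, &lowbox_token);
   if (SBOX_ALL_OK != result)
     return result;
 
   base::win::ScopedHandle job;
   result = policy_base->MakeJobObject(&job);
   if (SBOX_ALL_OK != result)
     return result;
 
   // Initialize the startup information from the policy.
   base::win::StartupInformation startup_info;
@@ -438,27 +428,25 @@
   std::vector<DWORD> inherited_handle_information(inherited_handle_list.size());
   for (size_t i = 0; i < inherited_handle_list.size(); ++i) {
     const HANDLE& inherited_handle = inherited_handle_list[i];
     ::GetHandleInformation(inherited_handle, &inherited_handle_information[i]);
     ::SetHandleInformation(inherited_handle, HANDLE_FLAG_PROTECT_FROM_CLOSE, 0);
   }
 
   // Create the TargetProces object and spawn the target suspended. Note that
   // Brokerservices does not own the target object. It is owned by the Policy.
   base::win::ScopedProcessInformation process_info;
-  TargetProcess* target = new TargetProcess(initial_token.Pass(),
-                                            lockdown_token.Pass(),
-                                            job.Get(),
-                                            thread_pool_);
+  TargetProcess* target =
+      new TargetProcess(initial_token.Pass(), lockdown_token.Pass(),
+                        lowbox_token.Pass(), job.Get(), thread_pool_);
 
   DWORD win_result = target->Create(exe_path, command_line, inherit_handles,
-                                    policy_base->GetLowBoxSid() ? true : false,
                                     startup_info, &process_info);
 
   // Restore the previous handle protection values.
   for (size_t i = 0; i < inherited_handle_list.size(); ++i) {
     ::SetHandleInformation(inherited_handle_list[i],
                            HANDLE_FLAG_PROTECT_FROM_CLOSE,
                            inherited_handle_information[i]);
   }
 
   policy_base->ClearSharedHandles();
@@ -576,10 +564,10 @@
     return SBOX_ERROR_UNSUPPORTED;
 
   base::string16 name = LookupAppContainer(sid);
   if (name.empty())
     return SBOX_ERROR_INVALID_APP_CONTAINER;
 
   return DeleteAppContainer(sid);
 }
 
 }  // namespace sandbox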
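Review bot: The new lowbox_token declared at new line 317 and handed to TargetProcess at line 440 now carries the lowbox decision implicitly, whereas the removed `policy_base->GetLowBoxSid() ? true : false` argument to Create() made it explicit at the call site. Nothing visible here states whether MakeTokens leaves lowbox_token invalid when the policy has no LowBox SID, so a reader cannot tell which handle state TargetProcess is expected to treat as "no lowbox"; if that is the contract, the comment at lines 313–314 should say so, e.g. `// lowbox_token stays invalid unless the policy sets a LowBox SID; TargetProcess is expected to treat an invalid handle as "no lowbox".` The guard at line 310 still rejects AppContainer together with a LowBox SID, so the two isolation paths remain mutually exclusive at this point. The enclosing function starts before and ends after the visible lines.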