
Side by Side Diff: sandbox/win/src/target_process.h

Issue 1263603002: Rework target process creation to minimize creation routes (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Renamed token variables to reflect their lowbox status Created 5 years, 2 months ago
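--- a/sandbox/win/src/target_process.h
+++ b/sandbox/win/src/target_process.h
@@ -1,10 +1,10 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef SANDBOX_WIN_SRC_TARGET_PROCESS_H_
 #define SANDBOX_WIN_SRC_TARGET_PROCESS_H_
 
 #include <windows.h>
 
 #include "base/basictypes.h"
@@ -25,40 +25,40 @@
 namespace sandbox {
 
 class AttributeList;
 class SharedMemIPCServer;
 class ThreadProvider;
 
 // TargetProcess models a target instance (child process). Objects of this
 // class are owned by the Policy used to create them.
 class TargetProcess {
 public:
-// The constructor takes ownership of |initial_token| and |lockdown_token|.
+// The constructor takes ownership of |initial_token|, |lockdown_token|
+// and |lowbox_token|.
 TargetProcess(base::win::ScopedHandle initial_token,
 base::win::ScopedHandle lockdown_token,
-HANDLE job, ThreadProvider* thread_pool);
+base::win::ScopedHandle lowbox_token,
+HANDLE job,
+ThreadProvider* thread_pool);
 ~TargetProcess();
 
 // TODO(cpu): Currently there does not seem to be a reason to implement
 // reference counting for this class since is internal, but kept the
 // the same interface so the interception framework does not need to be
 // touched at this point.
 void AddRef() {}
 void Release() {}
 
 // Creates the new target process. The process is created suspended.
-// When |set_lockdown_token_after_create| is set, the lockdown token
-// is replaced after the process is created
 DWORD Create(const wchar_t* exe_path,
 const wchar_t* command_line,
 bool inherit_handles,
-bool set_lockdown_token_after_create,
 const base::win::StartupInformation& startup_info,
 base::win::ScopedProcessInformation* target_info);
 
 // Destroys the target process.
 void Terminate();
 
 // Creates the IPC objects such as the BrokerDispatcher and the
 // IPC server. The IPC server uses the services of the thread_pool.
 DWORD Init(Dispatcher* ipc_dispatcher, void* policy,
 uint32 shared_IPC_size, uint32 shared_policy_size);
@@ -96,20 +96,23 @@
 
 // Transfers a 32-bit variable between the broker and the target.
 ResultCode TransferVariable(const char* name, void* address, size_t size);
 
 private:
 // Details of the target process.
 base::win::ScopedProcessInformation sandbox_process_info_;
 // The token associated with the process. It provides the core of the
 // sbox security.
 base::win::ScopedHandle lockdown_token_;
+// The lowbox token associated with the process. This token is set after the
+// process creation.
+base::win::ScopedHandle lowbox_token_;
 // The token given to the initial thread so that the target process can
 // start. It has more powers than the lockdown_token.
 base::win::ScopedHandle initial_token_;
 // Kernel handle to the shared memory used by the IPC server.
 base::win::ScopedHandle shared_section_;
 // Job object containing the target process.
 HANDLE job_;
 // Reference to the IPC subsystem.
 scoped_ptr<SharedMemIPCServer> ipc_server_;
 // Provides the threads used by the IPC. This class does not own this pointer.
@@ -127,10 +130,10 @@
 };
 
 // Creates a mock TargetProcess used for testing interceptions.
 // TODO(cpu): It seems that this method is not going to be used anymore.
 TargetProcess* MakeTestTargetProcess(HANDLE process, HMODULE base_address);
 
 
 } // namespace sandbox
 
 #endif // SANDBOX_WIN_SRC_TARGET_PROCESS_H_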
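Review bot: The Create() comment at new lines 51-56 loses the only statement about when a token is applied relative to process creation, now that the `set_lockdown_token_after_create` sentence is deleted, while the new member comment at lines 106-108 still says the lowbox token "is set after the process creation"; the ordering of that step against the process being resumed is the security-relevant part of the contract and callers read it from this header, not from target_process.cc, which is not on this page. I would extend the Create() comment with `// If a lowbox token was passed to the constructor it is applied to the new` / `// process after creation, presumably while the process is still suspended.` (confirm the "still suspended" part against the implementation before landing the wording). The constructor comment at new lines 35-36 should also say whether |lowbox_token| may be an empty ScopedHandle meaning "no lowbox token", since the old bool parameter made the optional step explicit and nothing in the header now does. The definitions of the constructor and Create() live outside this section.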