Make dispatcher a member of PolicyBase.

sandbox/win/src/sandbox_policy_base.cc

Index: sandbox/win/src/sandbox_policy_base.cc
diff --git a/sandbox/win/src/sandbox_policy_base.cc b/sandbox/win/src/sandbox_policy_base.cc
index 2b82f1064f9109f5ac3e393da8637253cafd3507..bcb7587464fefba61872b2c9ab809b40a84f7d48 100644
--- a/sandbox/win/src/sandbox_policy_base.cc
+++ b/sandbox/win/src/sandbox_policy_base.cc
@@ -9,34 +9,29 @@
 #include "base/basictypes.h"
 #include "base/callback.h"
 #include "base/logging.h"
+#include "base/macros.h"
 #include "base/stl_util.h"
 #include "base/strings/stringprintf.h"
 #include "base/win/windows_version.h"
 #include "sandbox/win/src/app_container.h"
-#include "sandbox/win/src/filesystem_dispatcher.h"
 #include "sandbox/win/src/filesystem_policy.h"
-#include "sandbox/win/src/handle_dispatcher.h"
 #include "sandbox/win/src/handle_policy.h"
-#include "sandbox/win/src/job.h"
 #include "sandbox/win/src/interception.h"
-#include "sandbox/win/src/process_mitigations.h"
-#include "sandbox/win/src/named_pipe_dispatcher.h"
+#include "sandbox/win/src/job.h"
 #include "sandbox/win/src/named_pipe_policy.h"
 #include "sandbox/win/src/policy_broker.h"
 #include "sandbox/win/src/policy_engine_processor.h"
 #include "sandbox/win/src/policy_low_level.h"
-#include "sandbox/win/src/process_mitigations_win32k_dispatcher.h"
+#include "sandbox/win/src/process_mitigations.h"
 #include "sandbox/win/src/process_mitigations_win32k_policy.h"
-#include "sandbox/win/src/process_thread_dispatcher.h"
 #include "sandbox/win/src/process_thread_policy.h"
-#include "sandbox/win/src/registry_dispatcher.h"
 #include "sandbox/win/src/registry_policy.h"
 #include "sandbox/win/src/restricted_token_utils.h"
 #include "sandbox/win/src/sandbox_policy.h"
 #include "sandbox/win/src/sandbox_utils.h"
-#include "sandbox/win/src/sync_dispatcher.h"
 #include "sandbox/win/src/sync_policy.h"
 #include "sandbox/win/src/target_process.h"
+#include "sandbox/win/src/top_level_dispatcher.h"
 #include "sandbox/win/src/window.h"
 
 namespace {
@@ -107,7 +102,7 @@ HANDLE CreateLowBoxObjectDirectory(PSID lowbox_sid) {
   return handle;
 }
 
-}
+}  // namespace
 
 namespace sandbox {
 
@@ -141,42 +136,7 @@ PolicyBase::PolicyBase()
       policy_(NULL),
       lowbox_sid_(NULL) {
   ::InitializeCriticalSection(&lock_);
-  // Initialize the IPC dispatcher array.
-  memset(&ipc_targets_, NULL, sizeof(ipc_targets_));
-  Dispatcher* dispatcher = NULL;
-
-  dispatcher = new FilesystemDispatcher(this);
-  ipc_targets_[IPC_NTCREATEFILE_TAG] = dispatcher;
-  ipc_targets_[IPC_NTOPENFILE_TAG] = dispatcher;
-  ipc_targets_[IPC_NTSETINFO_RENAME_TAG] = dispatcher;
-  ipc_targets_[IPC_NTQUERYATTRIBUTESFILE_TAG] = dispatcher;
-  ipc_targets_[IPC_NTQUERYFULLATTRIBUTESFILE_TAG] = dispatcher;
-
-  dispatcher = new NamedPipeDispatcher(this);
-  ipc_targets_[IPC_CREATENAMEDPIPEW_TAG] = dispatcher;
-
-  dispatcher = new ThreadProcessDispatcher(this);
-  ipc_targets_[IPC_NTOPENTHREAD_TAG] = dispatcher;
-  ipc_targets_[IPC_NTOPENPROCESS_TAG] = dispatcher;
-  ipc_targets_[IPC_CREATEPROCESSW_TAG] = dispatcher;
-  ipc_targets_[IPC_NTOPENPROCESSTOKEN_TAG] = dispatcher;
-  ipc_targets_[IPC_NTOPENPROCESSTOKENEX_TAG] = dispatcher;
-
-  dispatcher = new SyncDispatcher(this);
-  ipc_targets_[IPC_CREATEEVENT_TAG] = dispatcher;
-  ipc_targets_[IPC_OPENEVENT_TAG] = dispatcher;
-
-  dispatcher = new RegistryDispatcher(this);
-  ipc_targets_[IPC_NTCREATEKEY_TAG] = dispatcher;
-  ipc_targets_[IPC_NTOPENKEY_TAG] = dispatcher;
-
-  dispatcher = new HandleDispatcher(this);
-  ipc_targets_[IPC_DUPLICATEHANDLEPROXY_TAG] = dispatcher;
-
-  dispatcher = new ProcessMitigationsWin32KDispatcher(this);
-  ipc_targets_[IPC_GDI_GDIDLLINITIALIZE_TAG] = dispatcher;
-  ipc_targets_[IPC_GDI_GETSTOCKOBJECT_TAG] = dispatcher;
-  ipc_targets_[IPC_USER_REGISTERCLASSW_TAG] = dispatcher;
+  dispatcher_.reset(new TopLevelDispatcher(this));
 }
 
 PolicyBase::~PolicyBase() {
@@ -187,12 +147,6 @@ PolicyBase::~PolicyBase() {
     TargetProcess* target = (*it);
     delete target;
   }
-  delete ipc_targets_[IPC_NTCREATEFILE_TAG];
-  delete ipc_targets_[IPC_CREATENAMEDPIPEW_TAG];
-  delete ipc_targets_[IPC_NTOPENTHREAD_TAG];
-  delete ipc_targets_[IPC_CREATEEVENT_TAG];
-  delete ipc_targets_[IPC_NTCREATEKEY_TAG];
-  delete ipc_targets_[IPC_DUPLICATEHANDLEPROXY_TAG];
   delete policy_maker_;
   delete policy_;
 
@@ -489,42 +443,6 @@ void PolicyBase::ClearSharedHandles() {
   STLDeleteElements(&handles_to_share_);
 }
 
-// When an IPC is ready in any of the targets we get called. We manage an array
-// of IPC dispatchers which are keyed on the IPC tag so we normally delegate
-// to the appropriate dispatcher unless we can handle the IPC call ourselves.
-Dispatcher* PolicyBase::OnMessageReady(IPCParams* ipc,
-                                       CallbackGeneric* callback) {
-  DCHECK(callback);
-  static const IPCParams ping1 = {IPC_PING1_TAG, {UINT32_TYPE}};
-  static const IPCParams ping2 = {IPC_PING2_TAG, {INOUTPTR_TYPE}};
-
-  if (ping1.Matches(ipc) || ping2.Matches(ipc)) {
-    *callback = reinterpret_cast<CallbackGeneric>(
-                    static_cast<Callback1>(&PolicyBase::Ping));
-    return this;
-  }
-
-  Dispatcher* dispatch = GetDispatcher(ipc->ipc_tag);
-  if (!dispatch) {
-    NOTREACHED();
-    return NULL;
-  }
-  return dispatch->OnMessageReady(ipc, callback);
-}
-
-// Delegate to the appropriate dispatcher.
-bool PolicyBase::SetupService(InterceptionManager* manager, int service) {
-  if (IPC_PING1_TAG == service || IPC_PING2_TAG == service)
-    return true;
-
-  Dispatcher* dispatch = GetDispatcher(service);
-  if (!dispatch) {
-    NOTREACHED();
-    return false;
-  }
-  return dispatch->SetupService(manager, service);
-}
-
 ResultCode PolicyBase::MakeJobObject(base::win::ScopedHandle* job) {
   if (job_level_ != JOB_NONE) {
     // Create the windows job object.
@@ -655,7 +573,8 @@ bool PolicyBase::AddTarget(TargetProcess* target) {
     return false;
 
   // Initialize the sandbox infrastructure for the target.
-  if (ERROR_SUCCESS != target->Init(this, policy_, kIPCMemSize, kPolMemSize))
+  if (ERROR_SUCCESS !=
+      target->Init(dispatcher_.get(), policy_, kIPCMemSize, kPolMemSize))
     return false;
 
   g_shared_delayed_integrity_level = delayed_integrity_level_;
@@ -736,46 +655,13 @@ HANDLE PolicyBase::GetStderrHandle() {
   return stderr_handle_;
 }
 
-// We service IPC_PING_TAG message which is a way to test a round trip of the
-// IPC subsystem. We receive a integer cookie and we are expected to return the
-// cookie times two (or three) and the current tick count.
-bool PolicyBase::Ping(IPCInfo* ipc, void* arg1) {
-  switch (ipc->ipc_tag) {
-    case IPC_PING1_TAG: {
-      IPCInt ipc_int(arg1);
-      uint32 cookie = ipc_int.As32Bit();
-      ipc->return_info.extended_count = 2;
-      ipc->return_info.extended[0].unsigned_int = ::GetTickCount();
-      ipc->return_info.extended[1].unsigned_int = 2 * cookie;
-      return true;
-    }
-    case IPC_PING2_TAG: {
-      CountedBuffer* io_buffer = reinterpret_cast<CountedBuffer*>(arg1);
-      if (sizeof(uint32) != io_buffer->Size())
-        return false;
-
-      uint32* cookie = reinterpret_cast<uint32*>(io_buffer->Buffer());
-      *cookie = (*cookie) * 3;
-      return true;
-    }
-    default: return false;
-  }
-}
-
-Dispatcher* PolicyBase::GetDispatcher(int ipc_tag) {
-  if (ipc_tag >= IPC_LAST_TAG || ipc_tag <= IPC_UNUSED_TAG)
-    return NULL;
-
-  return ipc_targets_[ipc_tag];
-}
-
 bool PolicyBase::SetupAllInterceptions(TargetProcess* target) {
   InterceptionManager manager(target, relaxed_interceptions_);
 
   if (policy_) {
     for (int i = 0; i < IPC_LAST_TAG; i++) {
-      if (policy_->entry[i] && !ipc_targets_[i]->SetupService(&manager, i))
-          return false;
+      if (policy_->entry[i] && !dispatcher_->SetupService(&manager, i))
+        return false;
     }
   }