OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef SANDBOX_MAC_BOOTSTRAP_SANDBOX_H_ | 5 #ifndef SANDBOX_MAC_BOOTSTRAP_SANDBOX_H_ |
6 #define SANDBOX_MAC_BOOTSTRAP_SANDBOX_H_ | 6 #define SANDBOX_MAC_BOOTSTRAP_SANDBOX_H_ |
7 | 7 |
8 #include <mach/mach.h> | 8 #include <mach/mach.h> |
9 #include <stdint.h> | 9 #include <stdint.h> |
10 | 10 |
11 #include <map> | 11 #include <map> |
| 12 #include <memory> |
12 #include <string> | 13 #include <string> |
13 | 14 |
14 #include "base/mac/dispatch_source_mach.h" | 15 #include "base/mac/dispatch_source_mach.h" |
15 #include "base/mac/scoped_mach_port.h" | 16 #include "base/mac/scoped_mach_port.h" |
16 #include "base/memory/scoped_ptr.h" | |
17 #include "base/process/process_handle.h" | 17 #include "base/process/process_handle.h" |
18 #include "base/synchronization/lock.h" | 18 #include "base/synchronization/lock.h" |
19 #include "sandbox/mac/policy.h" | 19 #include "sandbox/mac/policy.h" |
20 #include "sandbox/sandbox_export.h" | 20 #include "sandbox/sandbox_export.h" |
21 | 21 |
22 namespace sandbox { | 22 namespace sandbox { |
23 | 23 |
24 class LaunchdInterceptionServer; | 24 class LaunchdInterceptionServer; |
25 class PreExecDelegate; | 25 class PreExecDelegate; |
26 | 26 |
(...skipping 14 matching lines...) Expand all Loading... |
41 // being enforced, it should use NewClient() to create a PreExecDelegate for | 41 // being enforced, it should use NewClient() to create a PreExecDelegate for |
42 // a sandbox policy ID and set it to the base::LaunchOptions.pre_exec_delegate. | 42 // a sandbox policy ID and set it to the base::LaunchOptions.pre_exec_delegate. |
43 // | 43 // |
44 // When a child process exits, the parent should call InvalidateClient() to | 44 // When a child process exits, the parent should call InvalidateClient() to |
45 // clean up any mappings in this class. | 45 // clean up any mappings in this class. |
46 // | 46 // |
47 // All methods of this class may be called from any thread. | 47 // All methods of this class may be called from any thread. |
48 class SANDBOX_EXPORT BootstrapSandbox { | 48 class SANDBOX_EXPORT BootstrapSandbox { |
49 public: | 49 public: |
50 // Creates a new sandbox manager. Returns NULL on failure. | 50 // Creates a new sandbox manager. Returns NULL on failure. |
51 static scoped_ptr<BootstrapSandbox> Create(); | 51 static std::unique_ptr<BootstrapSandbox> Create(); |
52 | 52 |
53 // For use in newly created child processes. Checks in with the bootstrap | 53 // For use in newly created child processes. Checks in with the bootstrap |
54 // sandbox manager running in the parent process. |sandbox_server_port| is | 54 // sandbox manager running in the parent process. |sandbox_server_port| is |
55 // the Mach send right to the sandbox |check_in_server_| (in the child). | 55 // the Mach send right to the sandbox |check_in_server_| (in the child). |
56 // |sandbox_token| is the assigned token. On return, |bootstrap_port| is set | 56 // |sandbox_token| is the assigned token. On return, |bootstrap_port| is set |
57 // to a new Mach send right to be used in the child as the task's bootstrap | 57 // to a new Mach send right to be used in the child as the task's bootstrap |
58 // port. | 58 // port. |
59 static bool ClientCheckIn(mach_port_t sandbox_server_port, | 59 static bool ClientCheckIn(mach_port_t sandbox_server_port, |
60 uint64_t sandbox_token, | 60 uint64_t sandbox_token, |
61 mach_port_t* bootstrap_port); | 61 mach_port_t* bootstrap_port); |
62 | 62 |
63 ~BootstrapSandbox(); | 63 ~BootstrapSandbox(); |
64 | 64 |
65 // Registers a bootstrap policy associated it with an identifier. The | 65 // Registers a bootstrap policy associated it with an identifier. The |
66 // |sandbox_policy_id| must be greater than 0. | 66 // |sandbox_policy_id| must be greater than 0. |
67 void RegisterSandboxPolicy(int sandbox_policy_id, | 67 void RegisterSandboxPolicy(int sandbox_policy_id, |
68 const BootstrapSandboxPolicy& policy); | 68 const BootstrapSandboxPolicy& policy); |
69 | 69 |
70 // Creates a new PreExecDelegate to pass to base::LaunchOptions. This will | 70 // Creates a new PreExecDelegate to pass to base::LaunchOptions. This will |
71 // enforce the policy with |sandbox_policy_id| on the new process. | 71 // enforce the policy with |sandbox_policy_id| on the new process. |
72 scoped_ptr<PreExecDelegate> NewClient(int sandbox_policy_id); | 72 std::unique_ptr<PreExecDelegate> NewClient(int sandbox_policy_id); |
73 | 73 |
74 // If a client did not launch properly, the sandbox provided to the | 74 // If a client did not launch properly, the sandbox provided to the |
75 // PreExecDelegate should be invalidated using this method. | 75 // PreExecDelegate should be invalidated using this method. |
76 void RevokeToken(uint64_t token); | 76 void RevokeToken(uint64_t token); |
77 | 77 |
78 // Called in the parent when a process has died. It cleans up the references | 78 // Called in the parent when a process has died. It cleans up the references |
79 // to the process. | 79 // to the process. |
80 void InvalidateClient(base::ProcessHandle handle); | 80 void InvalidateClient(base::ProcessHandle handle); |
81 | 81 |
82 // Looks up the policy for a given process ID. If no policy is associated | 82 // Looks up the policy for a given process ID. If no policy is associated |
(...skipping 28 matching lines...) Expand all Loading... |
111 // The association between process ID and sandbox policy ID. | 111 // The association between process ID and sandbox policy ID. |
112 std::map<base::ProcessHandle, int> sandboxed_processes_; | 112 std::map<base::ProcessHandle, int> sandboxed_processes_; |
113 | 113 |
114 // The association between a new process' sandbox token and its policy ID. | 114 // The association between a new process' sandbox token and its policy ID. |
115 // The entry is removed after the process checks in, and the mapping moves | 115 // The entry is removed after the process checks in, and the mapping moves |
116 // to |sandboxed_processes_|. | 116 // to |sandboxed_processes_|. |
117 std::map<uint64_t, int> awaiting_processes_; | 117 std::map<uint64_t, int> awaiting_processes_; |
118 | 118 |
119 // A Mach IPC message server that is used to intercept and filter bootstrap | 119 // A Mach IPC message server that is used to intercept and filter bootstrap |
120 // requests. | 120 // requests. |
121 scoped_ptr<LaunchdInterceptionServer> launchd_server_; | 121 std::unique_ptr<LaunchdInterceptionServer> launchd_server_; |
122 | 122 |
123 // The port and dispatch source for receiving client check in messages sent | 123 // The port and dispatch source for receiving client check in messages sent |
124 // via ClientCheckIn(). | 124 // via ClientCheckIn(). |
125 base::mac::ScopedMachReceiveRight check_in_port_; | 125 base::mac::ScopedMachReceiveRight check_in_port_; |
126 scoped_ptr<base::DispatchSourceMach> check_in_server_; | 126 std::unique_ptr<base::DispatchSourceMach> check_in_server_; |
127 }; | 127 }; |
128 | 128 |
129 } // namespace sandbox | 129 } // namespace sandbox |
130 | 130 |
131 #endif // SANDBOX_MAC_BOOTSTRAP_SANDBOX_H_ | 131 #endif // SANDBOX_MAC_BOOTSTRAP_SANDBOX_H_ |
OLD | NEW |