| OLD | NEW |
| (Empty) |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef SANDBOX_WIN_SRC_TARGET_PROCESS_H_ | |
| 6 #define SANDBOX_WIN_SRC_TARGET_PROCESS_H_ | |
| 7 | |
| 8 #include <windows.h> | |
| 9 #include <stddef.h> | |
| 10 #include <stdint.h> | |
| 11 | |
| 12 #include "base/macros.h" | |
| 13 #include "base/memory/free_deleter.h" | |
| 14 #include "base/memory/scoped_ptr.h" | |
| 15 #include "base/win/scoped_handle.h" | |
| 16 #include "base/win/scoped_process_information.h" | |
| 17 #include "sandbox/win/src/crosscall_server.h" | |
| 18 #include "sandbox/win/src/sandbox_types.h" | |
| 19 | |
| 20 namespace base { | |
| 21 namespace win { | |
| 22 | |
| 23 class StartupInformation; | |
| 24 | |
| 25 }; // namespace win | |
| 26 }; // namespace base | |
| 27 | |
| 28 namespace sandbox { | |
| 29 | |
| 30 class AttributeList; | |
| 31 class SharedMemIPCServer; | |
| 32 class ThreadProvider; | |
| 33 | |
| 34 // TargetProcess models a target instance (child process). Objects of this | |
| 35 // class are owned by the Policy used to create them. | |
| 36 class TargetProcess { | |
| 37 public: | |
| 38 // The constructor takes ownership of |initial_token|, |lockdown_token| | |
| 39 // and |lowbox_token|. | |
| 40 TargetProcess(base::win::ScopedHandle initial_token, | |
| 41 base::win::ScopedHandle lockdown_token, | |
| 42 base::win::ScopedHandle lowbox_token, | |
| 43 HANDLE job, | |
| 44 ThreadProvider* thread_pool); | |
| 45 ~TargetProcess(); | |
| 46 | |
| 47 // TODO(cpu): Currently there does not seem to be a reason to implement | |
| 48 // reference counting for this class since is internal, but kept the | |
| 49 // the same interface so the interception framework does not need to be | |
| 50 // touched at this point. | |
| 51 void AddRef() {} | |
| 52 void Release() {} | |
| 53 | |
| 54 // Creates the new target process. The process is created suspended. | |
| 55 DWORD Create(const wchar_t* exe_path, | |
| 56 const wchar_t* command_line, | |
| 57 bool inherit_handles, | |
| 58 const base::win::StartupInformation& startup_info, | |
| 59 base::win::ScopedProcessInformation* target_info); | |
| 60 | |
| 61 // Destroys the target process. | |
| 62 void Terminate(); | |
| 63 | |
| 64 // Creates the IPC objects such as the BrokerDispatcher and the | |
| 65 // IPC server. The IPC server uses the services of the thread_pool. | |
| 66 DWORD Init(Dispatcher* ipc_dispatcher, | |
| 67 void* policy, | |
| 68 uint32_t shared_IPC_size, | |
| 69 uint32_t shared_policy_size); | |
| 70 | |
| 71 // Returns the handle to the target process. | |
| 72 HANDLE Process() const { | |
| 73 return sandbox_process_info_.process_handle(); | |
| 74 } | |
| 75 | |
| 76 // Returns the handle to the job object that the target process belongs to. | |
| 77 HANDLE Job() const { | |
| 78 return job_; | |
| 79 } | |
| 80 | |
| 81 // Returns the address of the target main exe. This is used by the | |
| 82 // interceptions framework. | |
| 83 HMODULE MainModule() const { | |
| 84 return reinterpret_cast<HMODULE>(base_address_); | |
| 85 } | |
| 86 | |
| 87 // Returns the name of the executable. | |
| 88 const wchar_t* Name() const { | |
| 89 return exe_name_.get(); | |
| 90 } | |
| 91 | |
| 92 // Returns the process id. | |
| 93 DWORD ProcessId() const { | |
| 94 return sandbox_process_info_.process_id(); | |
| 95 } | |
| 96 | |
| 97 // Returns the handle to the main thread. | |
| 98 HANDLE MainThread() const { | |
| 99 return sandbox_process_info_.thread_handle(); | |
| 100 } | |
| 101 | |
| 102 // Transfers a 32-bit variable between the broker and the target. | |
| 103 ResultCode TransferVariable(const char* name, void* address, size_t size); | |
| 104 | |
| 105 private: | |
| 106 // Details of the target process. | |
| 107 base::win::ScopedProcessInformation sandbox_process_info_; | |
| 108 // The token associated with the process. It provides the core of the | |
| 109 // sbox security. | |
| 110 base::win::ScopedHandle lockdown_token_; | |
| 111 // The token given to the initial thread so that the target process can | |
| 112 // start. It has more powers than the lockdown_token. | |
| 113 base::win::ScopedHandle initial_token_; | |
| 114 // The lowbox token associated with the process. This token is set after the | |
| 115 // process creation. | |
| 116 base::win::ScopedHandle lowbox_token_; | |
| 117 // Kernel handle to the shared memory used by the IPC server. | |
| 118 base::win::ScopedHandle shared_section_; | |
| 119 // Job object containing the target process. | |
| 120 HANDLE job_; | |
| 121 // Reference to the IPC subsystem. | |
| 122 scoped_ptr<SharedMemIPCServer> ipc_server_; | |
| 123 // Provides the threads used by the IPC. This class does not own this pointer. | |
| 124 ThreadProvider* thread_pool_; | |
| 125 // Base address of the main executable | |
| 126 void* base_address_; | |
| 127 // Full name of the target executable. | |
| 128 scoped_ptr<wchar_t, base::FreeDeleter> exe_name_; | |
| 129 | |
| 130 // Function used for testing. | |
| 131 friend TargetProcess* MakeTestTargetProcess(HANDLE process, | |
| 132 HMODULE base_address); | |
| 133 | |
| 134 DISALLOW_IMPLICIT_CONSTRUCTORS(TargetProcess); | |
| 135 }; | |
| 136 | |
| 137 // Creates a mock TargetProcess used for testing interceptions. | |
| 138 // TODO(cpu): It seems that this method is not going to be used anymore. | |
| 139 TargetProcess* MakeTestTargetProcess(HANDLE process, HMODULE base_address); | |
| 140 | |
| 141 | |
| 142 } // namespace sandbox | |
| 143 | |
| 144 #endif // SANDBOX_WIN_SRC_TARGET_PROCESS_H_ | |
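Review bot: The comment on `TransferVariable` says it transfers a 32-bit variable, but the declaration takes `void* address, size_t size`, so the header does not say which sizes are valid or who checks `size` against the variable on the target side. Because this call crosses the broker/target boundary, the contract should be stated, for example `// Transfers |size| bytes between |address| in the broker and the variable |name| in the target; |size| must equal the size of that variable.`, adjusted to what the implementation (not visible here) actually enforces. Separately, the constructor comment documents ownership of the three tokens but not of `job`, which is kept as a raw `HANDLE job_` beside `ScopedHandle` members. A line such as `// |job| is not owned by this object.` (or the opposite, if the destructor closes it) would settle who is responsible for closing it. This assumes the listing is the side under review, since the page shows only one populated column.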
| OLD | NEW |