| Index: remoting/host/win/unprivileged_process_delegate.cc
|
| diff --git a/remoting/host/win/unprivileged_process_delegate.cc b/remoting/host/win/unprivileged_process_delegate.cc
|
| index 9a7f2ab0ff7780d58308d3c88e0d6f73e1b2243e..c938561034d91e32291cfeaddb9bb04cd352de97 100644
|
| --- a/remoting/host/win/unprivileged_process_delegate.cc
|
| +++ b/remoting/host/win/unprivileged_process_delegate.cc
|
| @@ -26,8 +26,9 @@
|
| #include "ipc/ipc_channel.h"
|
| #include "ipc/ipc_channel_proxy.h"
|
| #include "ipc/ipc_message.h"
|
| +#include "mojo/edk/embedder/embedder.h"
|
| +#include "mojo/edk/embedder/platform_channel_pair.h"
|
| #include "remoting/base/typed_buffer.h"
|
| -#include "remoting/host/ipc_util.h"
|
| #include "remoting/host/switches.h"
|
| #include "remoting/host/win/launch_process_with_token.h"
|
| #include "remoting/host/win/security_descriptor.h"
|
| @@ -239,8 +240,6 @@ void UnprivilegedProcessDelegate::LaunchProcess(
|
|
|
| event_handler_ = event_handler;
|
|
|
| - std::unique_ptr<IPC::ChannelProxy> server;
|
| -
|
| // Create a restricted token that will be used to run the worker process.
|
| ScopedHandle token;
|
| if (!CreateRestrictedToken(&token)) {
|
| @@ -277,47 +276,50 @@ void UnprivilegedProcessDelegate::LaunchProcess(
|
| thread_attributes.lpSecurityDescriptor = thread_sd.get();
|
| thread_attributes.bInheritHandle = FALSE;
|
|
|
| + // Create our own window station and desktop accessible by |logon_sid|.
|
| + WindowStationAndDesktop handles;
|
| + if (!CreateWindowStationAndDesktop(std::move(logon_sid), &handles)) {
|
| + PLOG(ERROR) << "Failed to create a window station and desktop";
|
| + ReportFatalError();
|
| + return;
|
| + }
|
| +
|
| + const std::string mojo_child_token = mojo::edk::GenerateRandomToken();
|
| + const std::string mojo_message_pipe_token = mojo::edk::GenerateRandomToken();
|
| +
|
| + std::unique_ptr<IPC::ChannelProxy> server =
|
| + base::MakeUnique<IPC::ChannelProxy>(this, io_task_runner_);
|
| + IPC::AttachmentBroker::GetGlobal()->RegisterCommunicationChannel(
|
| + server.get(), io_task_runner_);
|
| + server->Init(mojo::edk::CreateParentMessagePipe(mojo_message_pipe_token,
|
| + mojo_child_token)
|
| + .release(),
|
| + IPC::Channel::MODE_SERVER, /*create_pipe_now=*/true);
|
| + base::CommandLine command_line(target_command_->argv());
|
| + command_line.AppendSwitchASCII(kMojoPipeToken, mojo_message_pipe_token);
|
| +
|
| + base::HandlesToInheritVector handles_to_inherit = {
|
| + handles.desktop(), handles.window_station(),
|
| + };
|
| + mojo::edk::PlatformChannelPair mojo_channel;
|
| + mojo_channel.PrepareToPassClientHandleToChildProcess(&command_line,
|
| + &handles_to_inherit);
|
| +
|
| + // Try to launch the worker process. The launched process inherits
|
| + // the window station, desktop and pipe handles, created above.
|
| ScopedHandle worker_process;
|
| - {
|
| - // Take a lock when any inheritable handles are open to make sure that only
|
| - // one process inherits them.
|
| - base::AutoLock lock(g_inherit_handles_lock.Get());
|
| -
|
| - // Create a connected IPC channel.
|
| - base::File client;
|
| - if (!CreateConnectedIpcChannel(io_task_runner_, this, &client, &server)) {
|
| - ReportFatalError();
|
| - return;
|
| - }
|
| -
|
| - // Convert the handle value into a decimal integer. Handle values are 32bit
|
| - // even on 64bit platforms.
|
| - std::string pipe_handle = base::StringPrintf(
|
| - "%d", reinterpret_cast<ULONG_PTR>(client.GetPlatformFile()));
|
| -
|
| - // Pass the IPC channel via the command line.
|
| - base::CommandLine command_line(target_command_->argv());
|
| - command_line.AppendSwitchASCII(kDaemonPipeSwitchName, pipe_handle);
|
| -
|
| - // Create our own window station and desktop accessible by |logon_sid|.
|
| - WindowStationAndDesktop handles;
|
| - if (!CreateWindowStationAndDesktop(std::move(logon_sid), &handles)) {
|
| - PLOG(ERROR) << "Failed to create a window station and desktop";
|
| - ReportFatalError();
|
| - return;
|
| - }
|
| -
|
| - // Try to launch the worker process. The launched process inherits
|
| - // the window station, desktop and pipe handles, created above.
|
| - ScopedHandle worker_thread;
|
| - if (!LaunchProcessWithToken(
|
| - command_line.GetProgram(), command_line.GetCommandLineString(),
|
| - token.Get(), &process_attributes, &thread_attributes, true, 0,
|
| - nullptr, &worker_process, &worker_thread)) {
|
| - ReportFatalError();
|
| - return;
|
| - }
|
| + ScopedHandle worker_thread;
|
| + if (!LaunchProcessWithToken(
|
| + command_line.GetProgram(), command_line.GetCommandLineString(),
|
| + token.Get(), &process_attributes, &thread_attributes,
|
| + handles_to_inherit, /* creation_flags= */ 0,
|
| + /* thread_attributes= */ nullptr, &worker_process, &worker_thread)) {
|
| + mojo::edk::ChildProcessLaunchFailed(mojo_child_token);
|
| + ReportFatalError();
|
| + return;
|
| }
|
| + mojo::edk::ChildProcessLaunched(
|
| + worker_process.Get(), mojo_channel.PassServerHandle(), mojo_child_token);
|
|
|
| channel_ = std::move(server);
|
|
|
|
|
Chromium Code Reviews
Issue 2424353002:
Use ChannelMojo between the remoting daemon and network processes. (Closed)
