Chromium Code Reviews Chromium Code Reviews
Issue 2424353002:
Use ChannelMojo between the remoting daemon and network processes. (Closed)
| Index: remoting/host/win/unprivileged_process_delegate.cc |
| diff --git a/remoting/host/win/unprivileged_process_delegate.cc b/remoting/host/win/unprivileged_process_delegate.cc |
| index 9a7f2ab0ff7780d58308d3c88e0d6f73e1b2243e..8360f0f88735a062316d789056b88932a393bd80 100644 |
| --- a/remoting/host/win/unprivileged_process_delegate.cc |
| +++ b/remoting/host/win/unprivileged_process_delegate.cc |
| @@ -26,8 +26,9 @@ |
| #include "ipc/ipc_channel.h" |
| #include "ipc/ipc_channel_proxy.h" |
| #include "ipc/ipc_message.h" |
| +#include "mojo/edk/embedder/embedder.h" |
| +#include "mojo/edk/embedder/platform_channel_pair.h" |
| #include "remoting/base/typed_buffer.h" |
| -#include "remoting/host/ipc_util.h" |
| #include "remoting/host/switches.h" |
| #include "remoting/host/win/launch_process_with_token.h" |
| #include "remoting/host/win/security_descriptor.h" |
| @@ -239,8 +240,6 @@ void UnprivilegedProcessDelegate::LaunchProcess( |
| event_handler_ = event_handler; |
| - std::unique_ptr<IPC::ChannelProxy> server; |
| - |
| // Create a restricted token that will be used to run the worker process. |
| ScopedHandle token; |
| if (!CreateRestrictedToken(&token)) { |
| @@ -277,47 +276,50 @@ void UnprivilegedProcessDelegate::LaunchProcess( |
| thread_attributes.lpSecurityDescriptor = thread_sd.get(); |
| thread_attributes.bInheritHandle = FALSE; |
| + base::CommandLine command_line(target_command_->argv()); |
|
Sergey Ulanov
2016/10/20 17:21:30
nit: Move this down, closer to where it's used.
Sam McNally
2016/10/20 22:40:22
Done.
|
| + |
| + // Create our own window station and desktop accessible by |logon_sid|. |
| + WindowStationAndDesktop handles; |
| + if (!CreateWindowStationAndDesktop(std::move(logon_sid), &handles)) { |
| + PLOG(ERROR) << "Failed to create a window station and desktop"; |
| + ReportFatalError(); |
| + return; |
| + } |
| + |
| + const std::string mojo_child_token = mojo::edk::GenerateRandomToken(); |
| + const std::string mojo_message_pipe_token = mojo::edk::GenerateRandomToken(); |
| + |
| + std::unique_ptr<IPC::ChannelProxy> server = |
| + base::MakeUnique<IPC::ChannelProxy>(this, io_task_runner_); |
| + IPC::AttachmentBroker::GetGlobal()->RegisterCommunicationChannel( |
| + server.get(), io_task_runner_); |
| + server->Init(mojo::edk::CreateParentMessagePipe(mojo_message_pipe_token, |
| + mojo_child_token) |
| + .release(), |
| + IPC::Channel::MODE_SERVER, /*create_pipe_now=*/true); |
| + command_line.AppendSwitchASCII(kMojoPipeToken, mojo_message_pipe_token); |
| + |
| + base::HandlesToInheritVector handles_to_inherit = { |
| + handles.desktop(), handles.window_station(), |
| + }; |
| + mojo::edk::PlatformChannelPair mojo_channel; |
| + mojo_channel.PrepareToPassClientHandleToChildProcess(&command_line, |
| + &handles_to_inherit); |
| + |
| + // Try to launch the worker process. The launched process inherits |
| + // the window station, desktop and pipe handles, created above. |
| ScopedHandle worker_process; |
| - { |
| - // Take a lock when any inheritable handles are open to make sure that only |
| - // one process inherits them. |
| - base::AutoLock lock(g_inherit_handles_lock.Get()); |
| - |
| - // Create a connected IPC channel. |
| - base::File client; |
| - if (!CreateConnectedIpcChannel(io_task_runner_, this, &client, &server)) { |
| - ReportFatalError(); |
| - return; |
| - } |
| - |
| - // Convert the handle value into a decimal integer. Handle values are 32bit |
| - // even on 64bit platforms. |
| - std::string pipe_handle = base::StringPrintf( |
| - "%d", reinterpret_cast<ULONG_PTR>(client.GetPlatformFile())); |
| - |
| - // Pass the IPC channel via the command line. |
| - base::CommandLine command_line(target_command_->argv()); |
| - command_line.AppendSwitchASCII(kDaemonPipeSwitchName, pipe_handle); |
| - |
| - // Create our own window station and desktop accessible by |logon_sid|. |
| - WindowStationAndDesktop handles; |
| - if (!CreateWindowStationAndDesktop(std::move(logon_sid), &handles)) { |
| - PLOG(ERROR) << "Failed to create a window station and desktop"; |
| - ReportFatalError(); |
| - return; |
| - } |
| - |
| - // Try to launch the worker process. The launched process inherits |
| - // the window station, desktop and pipe handles, created above. |
| - ScopedHandle worker_thread; |
| - if (!LaunchProcessWithToken( |
| - command_line.GetProgram(), command_line.GetCommandLineString(), |
| - token.Get(), &process_attributes, &thread_attributes, true, 0, |
| - nullptr, &worker_process, &worker_thread)) { |
| - ReportFatalError(); |
| - return; |
| - } |
| + ScopedHandle worker_thread; |
| + if (!LaunchProcessWithToken( |
| + command_line.GetProgram(), command_line.GetCommandLineString(), |
| + token.Get(), &process_attributes, &thread_attributes, |
| + handles_to_inherit, 0, nullptr, &worker_process, &worker_thread)) { |
| + mojo::edk::ChildProcessLaunchFailed(mojo_child_token); |
| + ReportFatalError(); |
| + return; |
| } |
| + mojo::edk::ChildProcessLaunched( |
| + worker_process.Get(), mojo_channel.PassServerHandle(), mojo_child_token); |
| channel_ = std::move(server); |
