| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef IPC_ATTACHMENT_BROKER_PRIVILEGED_H_ | |
| 6 #define IPC_ATTACHMENT_BROKER_PRIVILEGED_H_ | |
| 7 | |
| 8 #include <utility> | |
| 9 #include <vector> | |
| 10 | |
| 11 #include "base/macros.h" | |
| 12 #include "base/memory/ref_counted.h" | |
| 13 #include "base/single_thread_task_runner.h" | |
| 14 #include "build/build_config.h" | |
| 15 #include "ipc/attachment_broker.h" | |
| 16 #include "ipc/ipc_export.h" | |
| 17 | |
| 18 #if defined(OS_MACOSX) && !defined(OS_IOS) | |
| 19 namespace base { | |
| 20 class PortProvider; | |
| 21 } // namespace base | |
| 22 #endif // defined(OS_MACOSX) && !defined(OS_IOS) | |
| 23 | |
| 24 namespace IPC { | |
| 25 | |
| 26 class Endpoint; | |
| 27 class Sender; | |
| 28 | |
| 29 // This abstract subclass of AttachmentBroker is intended for use in a | |
| 30 // privileged process . When unprivileged processes want to send attachments, | |
| 31 // the attachments get routed through the privileged process, and more | |
| 32 // specifically, an instance of this class. | |
| 33 class IPC_EXPORT AttachmentBrokerPrivileged : public IPC::AttachmentBroker { | |
| 34 public: | |
| 35 AttachmentBrokerPrivileged(); | |
| 36 ~AttachmentBrokerPrivileged() override; | |
| 37 | |
| 38 // If there is no global attachment broker, makes a new | |
| 39 // AttachmentBrokerPrivileged and sets it as the global attachment broker. | |
| 40 // This method is thread safe. | |
| 41 #if defined(OS_MACOSX) && !defined(OS_IOS) | |
| 42 static void CreateBrokerIfNeeded(base::PortProvider* provider); | |
| 43 #else | |
| 44 static void CreateBrokerIfNeeded(); | |
| 45 #endif // defined(OS_MACOSX) && !defined(OS_IOS) | |
| 46 | |
| 47 // Similar to CreateBrokerIfNeeded(), but useful for single process unit tests | |
| 48 // that don't need real attachment brokering, and don't want to deal with | |
| 49 // setting up a fake PortProvider. | |
| 50 static void CreateBrokerForSingleProcessTests(); | |
| 51 | |
| 52 // AttachmentBroker overrides. | |
| 53 void RegisterCommunicationChannel( | |
| 54 Endpoint* endpoint, | |
| 55 scoped_refptr<base::SingleThreadTaskRunner> runner) override; | |
| 56 void DeregisterCommunicationChannel(Endpoint* endpoint) override; | |
| 57 bool IsPrivilegedBroker() override; | |
| 58 | |
| 59 protected: | |
| 60 using EndpointRunnerPair = | |
| 61 std::pair<Endpoint*, scoped_refptr<base::SingleThreadTaskRunner>>; | |
| 62 | |
| 63 // Returns the sender whose peer's process id is |id|. | |
| 64 // Returns nullptr if no sender is found. | |
| 65 // The lock returned by get_lock() must already be acquired before calling | |
| 66 // this method. The return value is only guaranteed to be valid while the lock | |
| 67 // is held. | |
| 68 EndpointRunnerPair GetSenderWithProcessId(base::ProcessId id); | |
| 69 | |
| 70 // Sends a message to the endpoint, dispatching onto another thread if | |
| 71 // necessary. | |
| 72 void SendMessageToEndpoint(EndpointRunnerPair pair, Message* message); | |
| 73 | |
| 74 // Errors that can be reported by subclasses. | |
| 75 // These match tools/metrics/histograms/histograms.xml. | |
| 76 // This enum is append-only. | |
| 77 enum UMAError { | |
| 78 // The brokerable attachment had a valid destination. This is the success | |
| 79 // case. | |
| 80 DESTINATION_FOUND = 0, | |
| 81 // The brokerable attachment had a destination, but the broker did not have | |
| 82 // a channel of communication with that process. | |
| 83 DESTINATION_NOT_FOUND = 1, | |
| 84 // The brokerable attachment did not have a destination process. | |
| 85 NO_DESTINATION = 2, | |
| 86 // Error making an intermediate Mach port. | |
| 87 ERROR_MAKE_INTERMEDIATE = 3, | |
| 88 // Error parsing DuplicateMachPort message. | |
| 89 ERROR_PARSE_DUPLICATE_MACH_PORT_MESSAGE = 4, | |
| 90 // Couldn't get a task port for the process with a given pid. | |
| 91 ERROR_TASK_FOR_PID = 5, | |
| 92 // Couldn't make a port with receive rights in the destination process. | |
| 93 ERROR_MAKE_RECEIVE_PORT = 6, | |
| 94 // Couldn't change the attributes of a Mach port. | |
| 95 ERROR_SET_ATTRIBUTES = 7, | |
| 96 // Couldn't extract a right from the destination. | |
| 97 ERROR_EXTRACT_DEST_RIGHT = 8, | |
| 98 // Couldn't send a Mach port in a call to mach_msg(). | |
| 99 ERROR_SEND_MACH_PORT = 9, | |
| 100 // Couldn't decrease the ref count on a Mach port. | |
| 101 ERROR_DECREASE_REF = 10, | |
| 102 // Couldn't extract a right from the source. | |
| 103 ERROR_EXTRACT_SOURCE_RIGHT = 11, | |
| 104 // The broker did not have a channel of communication with the source | |
| 105 // process. | |
| 106 ERROR_SOURCE_NOT_FOUND = 12, | |
| 107 // The broker could not open the source or destination process with extra | |
| 108 // privileges. | |
| 109 ERROR_COULD_NOT_OPEN_SOURCE_OR_DEST = 13, | |
| 110 // The broker was asked to transfer a HANDLE with invalid permissions. | |
| 111 ERROR_INVALID_PERMISSIONS = 14, | |
| 112 // The broker was not immediately able to send an attachment. | |
| 113 DELAYED = 15, | |
| 114 // The broker successfully sent a delayed attachment. | |
| 115 DELAYED_SEND = 16, | |
| 116 ERROR_MAX | |
| 117 }; | |
| 118 | |
| 119 // Emits an UMA metric. | |
| 120 void LogError(UMAError error); | |
| 121 | |
| 122 private: | |
| 123 // A vector of Endpoints, and the SingleThreadTaskRunner that should be used | |
| 124 // to invoke Send() on each Endpoint. | |
| 125 std::vector<EndpointRunnerPair> endpoints_; | |
| 126 DISALLOW_COPY_AND_ASSIGN(AttachmentBrokerPrivileged); | |
| 127 }; | |
| 128 | |
| 129 } // namespace IPC | |
| 130 | |
| 131 #endif // IPC_ATTACHMENT_BROKER_PRIVILEGED_H_ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2473993003:
Delete IPC::ChannelPosix, IPC::ChannelWin and IPC::AttachmentBroker. (Closed)
