OLD | NEW |
| (Empty) |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef IPC_ATTACHMENT_BROKER_PRIVILEGED_WIN_H_ | |
6 #define IPC_ATTACHMENT_BROKER_PRIVILEGED_WIN_H_ | |
7 | |
8 #include <map> | |
9 #include <vector> | |
10 | |
11 #include "base/macros.h" | |
12 #include "ipc/attachment_broker_privileged.h" | |
13 #include "ipc/handle_attachment_win.h" | |
14 #include "ipc/ipc_export.h" | |
15 | |
16 namespace IPC { | |
17 | |
18 // This class is a concrete subclass of AttachmentBrokerPrivileged for the | |
19 // Windows platform. | |
20 class IPC_EXPORT AttachmentBrokerPrivilegedWin | |
21 : public AttachmentBrokerPrivileged { | |
22 public: | |
23 AttachmentBrokerPrivilegedWin(); | |
24 ~AttachmentBrokerPrivilegedWin() override; | |
25 | |
26 // IPC::AttachmentBroker overrides. | |
27 bool SendAttachmentToProcess( | |
28 const scoped_refptr<IPC::BrokerableAttachment>& attachment, | |
29 base::ProcessId destination_process) override; | |
30 void ReceivedPeerPid(base::ProcessId peer_pid) override; | |
31 | |
32 // IPC::Listener overrides. | |
33 bool OnMessageReceived(const Message& message) override; | |
34 | |
35 private: | |
36 using HandleWireFormat = internal::HandleAttachmentWin::WireFormat; | |
37 // IPC message handlers. | |
38 void OnDuplicateWinHandle(const Message& message); | |
39 | |
40 // Duplicates |wire_Format| from |source_process| into its destination | |
41 // process. Closes the original HANDLE. | |
42 HandleWireFormat DuplicateWinHandle(const HandleWireFormat& wire_format, | |
43 base::ProcessId source_process); | |
44 | |
45 // Copies an existing |wire_format|, but substitutes in a different handle. | |
46 HandleWireFormat CopyWireFormat(const HandleWireFormat& wire_format, | |
47 int handle); | |
48 | |
49 // If the HANDLE's destination is this process, queue it and notify the | |
50 // observers. Otherwise, send it in an IPC to its destination. | |
51 // If the destination process cannot be found, |store_on_failure| indicates | |
52 // whether the |wire_format| should be stored, or an error should be emitted. | |
53 void RouteDuplicatedHandle(const HandleWireFormat& wire_format, | |
54 bool store_on_failure); | |
55 | |
56 // Wire formats that cannot be immediately sent to the destination process | |
57 // because the connection has not been established. If, for some reason, the | |
58 // connection is never established, then the assumption is that the | |
59 // destination process died. The resource itself will be cleaned up by the OS, | |
60 // but the data structure HandleWireFormat will leak. If, at a later point in | |
61 // time, a new process is created with the same process id, the WireFormats | |
62 // will be passed to the new process. There is no security problem, since the | |
63 // resource itself is not being sent. Furthermore, it is unlikely to affect | |
64 // the functionality of the new process, since AttachmentBroker ids are large, | |
65 // unguessable nonces. | |
66 using WireFormats = std::vector<HandleWireFormat>; | |
67 std::map<base::ProcessId, WireFormats> stored_wire_formats_; | |
68 | |
69 DISALLOW_COPY_AND_ASSIGN(AttachmentBrokerPrivilegedWin); | |
70 }; | |
71 | |
72 } // namespace IPC | |
73 | |
74 #endif // IPC_ATTACHMENT_BROKER_PRIVILEGED_WIN_H_ | |
OLD | NEW |