OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 // | 4 // |
5 // This file implements the Windows service controlling Me2Me host processes | 5 // This file implements the Windows service controlling Me2Me host processes |
6 // running within user sessions. | 6 // running within user sessions. |
7 | 7 |
8 #include "remoting/host/win/wts_session_process_delegate.h" | 8 #include "remoting/host/win/wts_session_process_delegate.h" |
9 | 9 |
10 #include <utility> | 10 #include <utility> |
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
49 // |WtsSessionProcessDelegate|. This class is ref-counted and implements | 49 // |WtsSessionProcessDelegate|. This class is ref-counted and implements |
50 // asynchronous fire-and-forget shutdown. | 50 // asynchronous fire-and-forget shutdown. |
51 class WtsSessionProcessDelegate::Core | 51 class WtsSessionProcessDelegate::Core |
52 : public base::RefCountedThreadSafe<Core>, | 52 : public base::RefCountedThreadSafe<Core>, |
53 public base::MessagePumpForIO::IOHandler, | 53 public base::MessagePumpForIO::IOHandler, |
54 public IPC::Listener { | 54 public IPC::Listener { |
55 public: | 55 public: |
56 Core(scoped_refptr<base::SingleThreadTaskRunner> io_task_runner, | 56 Core(scoped_refptr<base::SingleThreadTaskRunner> io_task_runner, |
57 std::unique_ptr<base::CommandLine> target, | 57 std::unique_ptr<base::CommandLine> target, |
58 bool launch_elevated, | 58 bool launch_elevated, |
59 const std::string& channel_security, | 59 const std::string& channel_security); |
60 const std::string& new_process_security); | |
61 | 60 |
62 // Initializes the object returning true on success. | 61 // Initializes the object returning true on success. |
63 bool Initialize(uint32_t session_id); | 62 bool Initialize(uint32_t session_id); |
64 | 63 |
65 // Stops the object asynchronously. | 64 // Stops the object asynchronously. |
66 void Stop(); | 65 void Stop(); |
67 | 66 |
68 // Mirrors WorkerProcessLauncher::Delegate. | 67 // Mirrors WorkerProcessLauncher::Delegate. |
69 void LaunchProcess(WorkerProcessLauncher* event_handler); | 68 void LaunchProcess(WorkerProcessLauncher* event_handler); |
70 void Send(IPC::Message* message); | 69 void Send(IPC::Message* message); |
(...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
118 // The task runner serving job object notifications. | 117 // The task runner serving job object notifications. |
119 scoped_refptr<base::SingleThreadTaskRunner> io_task_runner_; | 118 scoped_refptr<base::SingleThreadTaskRunner> io_task_runner_; |
120 | 119 |
121 // The server end of the IPC channel used to communicate to the worker | 120 // The server end of the IPC channel used to communicate to the worker |
122 // process. | 121 // process. |
123 std::unique_ptr<IPC::ChannelProxy> channel_; | 122 std::unique_ptr<IPC::ChannelProxy> channel_; |
124 | 123 |
125 // Security descriptor (as SDDL) to be applied to |channel_|. | 124 // Security descriptor (as SDDL) to be applied to |channel_|. |
126 std::string channel_security_; | 125 std::string channel_security_; |
127 | 126 |
128 // Security descriptor (as SDDL) to be applied to the newly created process. | |
129 std::string new_process_security_; | |
130 | |
131 WorkerProcessLauncher* event_handler_; | 127 WorkerProcessLauncher* event_handler_; |
132 | 128 |
133 // The job object used to control the lifetime of child processes. | 129 // The job object used to control the lifetime of child processes. |
134 base::win::ScopedHandle job_; | 130 base::win::ScopedHandle job_; |
135 | 131 |
136 // True if the worker process should be launched elevated. | 132 // True if the worker process should be launched elevated. |
137 bool launch_elevated_; | 133 bool launch_elevated_; |
138 | 134 |
139 // True if a laucnh attemp is pending. | 135 // True if a laucnh attemp is pending. |
140 bool launch_pending_; | 136 bool launch_pending_; |
(...skipping 20 matching lines...) Expand all Loading... |
161 // The mojo child token for the process being launched. | 157 // The mojo child token for the process being launched. |
162 std::string mojo_child_token_; | 158 std::string mojo_child_token_; |
163 | 159 |
164 DISALLOW_COPY_AND_ASSIGN(Core); | 160 DISALLOW_COPY_AND_ASSIGN(Core); |
165 }; | 161 }; |
166 | 162 |
167 WtsSessionProcessDelegate::Core::Core( | 163 WtsSessionProcessDelegate::Core::Core( |
168 scoped_refptr<base::SingleThreadTaskRunner> io_task_runner, | 164 scoped_refptr<base::SingleThreadTaskRunner> io_task_runner, |
169 std::unique_ptr<base::CommandLine> target_command, | 165 std::unique_ptr<base::CommandLine> target_command, |
170 bool launch_elevated, | 166 bool launch_elevated, |
171 const std::string& channel_security, | 167 const std::string& channel_security) |
172 const std::string& new_process_security) | |
173 : caller_task_runner_(base::ThreadTaskRunnerHandle::Get()), | 168 : caller_task_runner_(base::ThreadTaskRunnerHandle::Get()), |
174 io_task_runner_(io_task_runner), | 169 io_task_runner_(io_task_runner), |
175 channel_security_(channel_security), | 170 channel_security_(channel_security), |
176 new_process_security_(new_process_security), | |
177 event_handler_(nullptr), | 171 event_handler_(nullptr), |
178 launch_elevated_(launch_elevated), | 172 launch_elevated_(launch_elevated), |
179 launch_pending_(false), | 173 launch_pending_(false), |
180 target_command_(std::move(target_command)) {} | 174 target_command_(std::move(target_command)) {} |
181 | 175 |
182 bool WtsSessionProcessDelegate::Core::Initialize(uint32_t session_id) { | 176 bool WtsSessionProcessDelegate::Core::Initialize(uint32_t session_id) { |
183 DCHECK(caller_task_runner_->BelongsToCurrentThread()); | 177 DCHECK(caller_task_runner_->BelongsToCurrentThread()); |
184 | 178 |
185 if (launch_elevated_) { | 179 if (launch_elevated_) { |
186 // GetNamedPipeClientProcessId() is available starting from Vista. | 180 // GetNamedPipeClientProcessId() is available starting from Vista. |
(...skipping 228 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
415 elevated_mojo_channel = | 409 elevated_mojo_channel = |
416 base::MakeUnique<mojo::edk::NamedPlatformChannelPair>(options); | 410 base::MakeUnique<mojo::edk::NamedPlatformChannelPair>(options); |
417 elevated_mojo_channel->PrepareToPassClientHandleToChildProcess( | 411 elevated_mojo_channel->PrepareToPassClientHandleToChildProcess( |
418 &command_line); | 412 &command_line); |
419 } else { | 413 } else { |
420 normal_mojo_channel = base::MakeUnique<mojo::edk::PlatformChannelPair>(); | 414 normal_mojo_channel = base::MakeUnique<mojo::edk::PlatformChannelPair>(); |
421 normal_mojo_channel->PrepareToPassClientHandleToChildProcess( | 415 normal_mojo_channel->PrepareToPassClientHandleToChildProcess( |
422 &command_line, &handles_to_inherit); | 416 &command_line, &handles_to_inherit); |
423 } | 417 } |
424 | 418 |
425 ScopedSd security_descriptor; | |
426 std::unique_ptr<SECURITY_ATTRIBUTES> security_attributes; | |
427 if (!new_process_security_.empty()) { | |
428 security_descriptor = ConvertSddlToSd(new_process_security_); | |
429 if (!security_descriptor) { | |
430 PLOG(ERROR) << "ConvertSddlToSd() failed."; | |
431 ReportFatalError(); | |
432 return; | |
433 } | |
434 | |
435 security_attributes.reset(new SECURITY_ATTRIBUTES()); | |
436 security_attributes->nLength = sizeof(SECURITY_ATTRIBUTES); | |
437 security_attributes->lpSecurityDescriptor = security_descriptor.get(); | |
438 security_attributes->bInheritHandle = FALSE; | |
439 } | |
440 | |
441 // Try to launch the process. | 419 // Try to launch the process. |
442 ScopedHandle worker_process; | 420 ScopedHandle worker_process; |
443 ScopedHandle worker_thread; | 421 ScopedHandle worker_thread; |
444 if (!LaunchProcessWithToken( | 422 if (!LaunchProcessWithToken( |
445 command_line.GetProgram(), command_line.GetCommandLineString(), | 423 command_line.GetProgram(), command_line.GetCommandLineString(), |
446 session_token_.Get(), security_attributes.get(), | 424 session_token_.Get(), /*security_attributes=*/nullptr, |
447 /* thread_attributes= */ nullptr, handles_to_inherit, | 425 /* thread_attributes= */ nullptr, handles_to_inherit, |
448 /* creation_flags= */ CREATE_SUSPENDED | CREATE_BREAKAWAY_FROM_JOB, | 426 /* creation_flags= */ CREATE_SUSPENDED | CREATE_BREAKAWAY_FROM_JOB, |
449 base::UTF8ToUTF16(kDefaultDesktopName).c_str(), &worker_process, | 427 base::UTF8ToUTF16(kDefaultDesktopName).c_str(), &worker_process, |
450 &worker_thread)) { | 428 &worker_thread)) { |
451 ReportFatalError(); | 429 ReportFatalError(); |
452 return; | 430 return; |
453 } | 431 } |
454 | 432 |
455 if (launch_elevated_) { | 433 if (launch_elevated_) { |
456 if (!AssignProcessToJobObject(job_.Get(), worker_process.Get())) { | 434 if (!AssignProcessToJobObject(job_.Get(), worker_process.Get())) { |
(...skipping 142 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
599 } | 577 } |
600 ScopedHandle limited_handle(temp_handle); | 578 ScopedHandle limited_handle(temp_handle); |
601 | 579 |
602 event_handler_->OnProcessLaunched(std::move(limited_handle)); | 580 event_handler_->OnProcessLaunched(std::move(limited_handle)); |
603 } | 581 } |
604 | 582 |
605 WtsSessionProcessDelegate::WtsSessionProcessDelegate( | 583 WtsSessionProcessDelegate::WtsSessionProcessDelegate( |
606 scoped_refptr<base::SingleThreadTaskRunner> io_task_runner, | 584 scoped_refptr<base::SingleThreadTaskRunner> io_task_runner, |
607 std::unique_ptr<base::CommandLine> target_command, | 585 std::unique_ptr<base::CommandLine> target_command, |
608 bool launch_elevated, | 586 bool launch_elevated, |
609 const std::string& channel_security, | 587 const std::string& channel_security) { |
610 const std::string& new_process_security_descriptor) { | |
611 core_ = new Core(io_task_runner, std::move(target_command), launch_elevated, | 588 core_ = new Core(io_task_runner, std::move(target_command), launch_elevated, |
612 channel_security, new_process_security_descriptor); | 589 channel_security); |
613 } | 590 } |
614 | 591 |
615 WtsSessionProcessDelegate::~WtsSessionProcessDelegate() { | 592 WtsSessionProcessDelegate::~WtsSessionProcessDelegate() { |
616 core_->Stop(); | 593 core_->Stop(); |
617 } | 594 } |
618 | 595 |
619 bool WtsSessionProcessDelegate::Initialize(uint32_t session_id) { | 596 bool WtsSessionProcessDelegate::Initialize(uint32_t session_id) { |
620 return core_->Initialize(session_id); | 597 return core_->Initialize(session_id); |
621 } | 598 } |
622 | 599 |
623 void WtsSessionProcessDelegate::LaunchProcess( | 600 void WtsSessionProcessDelegate::LaunchProcess( |
624 WorkerProcessLauncher* event_handler) { | 601 WorkerProcessLauncher* event_handler) { |
625 core_->LaunchProcess(event_handler); | 602 core_->LaunchProcess(event_handler); |
626 } | 603 } |
627 | 604 |
628 void WtsSessionProcessDelegate::Send(IPC::Message* message) { | 605 void WtsSessionProcessDelegate::Send(IPC::Message* message) { |
629 core_->Send(message); | 606 core_->Send(message); |
630 } | 607 } |
631 | 608 |
632 void WtsSessionProcessDelegate::CloseChannel() { | 609 void WtsSessionProcessDelegate::CloseChannel() { |
633 core_->CloseChannel(); | 610 core_->CloseChannel(); |
634 } | 611 } |
635 | 612 |
636 void WtsSessionProcessDelegate::KillProcess() { | 613 void WtsSessionProcessDelegate::KillProcess() { |
637 core_->KillProcess(); | 614 core_->KillProcess(); |
638 } | 615 } |
639 | 616 |
640 } // namespace remoting | 617 } // namespace remoting |
OLD | NEW |