| OLD | NEW |
|---|
| 1 | 1 |
| 2 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 2 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 3 // Use of this source code is governed by a BSD-style license that can be | 3 // Use of this source code is governed by a BSD-style license that can be |
| 4 // found in the LICENSE file. | 4 // found in the LICENSE file. |
| 5 // | 5 // |
| 6 // This file implements the Windows service controlling Me2Me host processes | 6 // This file implements the Windows service controlling Me2Me host processes |
| 7 // running within user sessions. | 7 // running within user sessions. |
| 8 | 8 |
| 9 #include "remoting/host/win/unprivileged_process_delegate.h" | 9 #include "remoting/host/win/unprivileged_process_delegate.h" |
| 10 | 10 |
| 11 #include <sddl.h> | 11 #include <sddl.h> |
| 12 | 12 |
| 13 #include <utility> | 13 #include <utility> |
| 14 | 14 |
| 15 #include "base/command_line.h" | 15 #include "base/command_line.h" |
| 16 #include "base/files/file.h" | 16 #include "base/files/file.h" |
| 17 #include "base/logging.h" | 17 #include "base/logging.h" |
| 18 #include "base/rand_util.h" | 18 #include "base/rand_util.h" |
| 19 #include "base/single_thread_task_runner.h" | 19 #include "base/single_thread_task_runner.h" |
| 20 #include "base/strings/string16.h" | 20 #include "base/strings/string16.h" |
| 21 #include "base/strings/stringprintf.h" | 21 #include "base/strings/stringprintf.h" |
| 22 #include "base/strings/utf_string_conversions.h" | 22 #include "base/strings/utf_string_conversions.h" |
| 23 #include "base/synchronization/lock.h" | 23 #include "base/synchronization/lock.h" |
| 24 #include "base/win/scoped_handle.h" | 24 #include "base/win/scoped_handle.h" |
| 25 #include "ipc/ipc_channel.h" | 25 #include "ipc/ipc_channel.h" |
| 26 #include "ipc/ipc_channel_proxy.h" | 26 #include "ipc/ipc_channel_proxy.h" |
| 27 #include "ipc/ipc_message.h" | 27 #include "ipc/ipc_message.h" |
| 28 #include "mojo/edk/embedder/embedder.h" | 28 #include "mojo/edk/embedder/embedder.h" |
| 29 #include "mojo/edk/embedder/pending_process_connection.h" |
| 29 #include "mojo/edk/embedder/platform_channel_pair.h" | 30 #include "mojo/edk/embedder/platform_channel_pair.h" |
| 30 #include "remoting/base/typed_buffer.h" | 31 #include "remoting/base/typed_buffer.h" |
| 31 #include "remoting/host/switches.h" | 32 #include "remoting/host/switches.h" |
| 32 #include "remoting/host/win/launch_process_with_token.h" | 33 #include "remoting/host/win/launch_process_with_token.h" |
| 33 #include "remoting/host/win/security_descriptor.h" | 34 #include "remoting/host/win/security_descriptor.h" |
| 34 #include "remoting/host/win/window_station_and_desktop.h" | 35 #include "remoting/host/win/window_station_and_desktop.h" |
| 35 #include "sandbox/win/src/restricted_token.h" | 36 #include "sandbox/win/src/restricted_token.h" |
| 36 | 37 |
| 37 using base::win::ScopedHandle; | 38 using base::win::ScopedHandle; |
| 38 | 39 |
| (...skipping 237 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 276 thread_attributes.bInheritHandle = FALSE; | 277 thread_attributes.bInheritHandle = FALSE; |
| 277 | 278 |
| 278 // Create our own window station and desktop accessible by |logon_sid|. | 279 // Create our own window station and desktop accessible by |logon_sid|. |
| 279 WindowStationAndDesktop handles; | 280 WindowStationAndDesktop handles; |
| 280 if (!CreateWindowStationAndDesktop(std::move(logon_sid), &handles)) { | 281 if (!CreateWindowStationAndDesktop(std::move(logon_sid), &handles)) { |
| 281 PLOG(ERROR) << "Failed to create a window station and desktop"; | 282 PLOG(ERROR) << "Failed to create a window station and desktop"; |
| 282 ReportFatalError(); | 283 ReportFatalError(); |
| 283 return; | 284 return; |
| 284 } | 285 } |
| 285 | 286 |
| 286 const std::string mojo_child_token = mojo::edk::GenerateRandomToken(); | 287 mojo::edk::PendingProcessConnection process; |
| 287 const std::string mojo_message_pipe_token = mojo::edk::GenerateRandomToken(); | 288 std::string mojo_message_pipe_token; |
| 288 | |
| 289 std::unique_ptr<IPC::ChannelProxy> server = IPC::ChannelProxy::Create( | 289 std::unique_ptr<IPC::ChannelProxy> server = IPC::ChannelProxy::Create( |
| 290 mojo::edk::CreateParentMessagePipe(mojo_message_pipe_token, | 290 process.CreateMessagePipe(&mojo_message_pipe_token).release(), |
| 291 mojo_child_token) | |
| 292 .release(), | |
| 293 IPC::Channel::MODE_SERVER, this, io_task_runner_); | 291 IPC::Channel::MODE_SERVER, this, io_task_runner_); |
| 294 base::CommandLine command_line(target_command_->argv()); | 292 base::CommandLine command_line(target_command_->argv()); |
| 295 command_line.AppendSwitchASCII(kMojoPipeToken, mojo_message_pipe_token); | 293 command_line.AppendSwitchASCII(kMojoPipeToken, mojo_message_pipe_token); |
| 296 | 294 |
| 297 base::HandlesToInheritVector handles_to_inherit = { | 295 base::HandlesToInheritVector handles_to_inherit = { |
| 298 handles.desktop(), handles.window_station(), | 296 handles.desktop(), handles.window_station(), |
| 299 }; | 297 }; |
| 300 mojo::edk::PlatformChannelPair mojo_channel; | 298 mojo::edk::PlatformChannelPair mojo_channel; |
| 301 mojo_channel.PrepareToPassClientHandleToChildProcess(&command_line, | 299 mojo_channel.PrepareToPassClientHandleToChildProcess(&command_line, |
| 302 &handles_to_inherit); | 300 &handles_to_inherit); |
| 303 | 301 |
| 304 // Try to launch the worker process. The launched process inherits | 302 // Try to launch the worker process. The launched process inherits |
| 305 // the window station, desktop and pipe handles, created above. | 303 // the window station, desktop and pipe handles, created above. |
| 306 ScopedHandle worker_process; | 304 ScopedHandle worker_process; |
| 307 ScopedHandle worker_thread; | 305 ScopedHandle worker_thread; |
| 308 if (!LaunchProcessWithToken( | 306 if (!LaunchProcessWithToken( |
| 309 command_line.GetProgram(), command_line.GetCommandLineString(), | 307 command_line.GetProgram(), command_line.GetCommandLineString(), |
| 310 token.Get(), &process_attributes, &thread_attributes, | 308 token.Get(), &process_attributes, &thread_attributes, |
| 311 handles_to_inherit, /* creation_flags= */ 0, | 309 handles_to_inherit, /* creation_flags= */ 0, |
| 312 /* thread_attributes= */ nullptr, &worker_process, &worker_thread)) { | 310 /* thread_attributes= */ nullptr, &worker_process, &worker_thread)) { |
| 313 mojo::edk::ChildProcessLaunchFailed(mojo_child_token); | |
| 314 ReportFatalError(); | 311 ReportFatalError(); |
| 315 return; | 312 return; |
| 316 } | 313 } |
| 317 mojo::edk::ChildProcessLaunched( | 314 process.Connect(worker_process.Get(), mojo_channel.PassServerHandle()); |
| 318 worker_process.Get(), mojo_channel.PassServerHandle(), mojo_child_token); | |
| 319 | 315 |
| 320 channel_ = std::move(server); | 316 channel_ = std::move(server); |
| 321 | 317 |
| 322 ReportProcessLaunched(std::move(worker_process)); | 318 ReportProcessLaunched(std::move(worker_process)); |
| 323 } | 319 } |
| 324 | 320 |
| 325 void UnprivilegedProcessDelegate::Send(IPC::Message* message) { | 321 void UnprivilegedProcessDelegate::Send(IPC::Message* message) { |
| 326 DCHECK(CalledOnValidThread()); | 322 DCHECK(CalledOnValidThread()); |
| 327 | 323 |
| 328 if (channel_) { | 324 if (channel_) { |
| (...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 405 PLOG(ERROR) << "Failed to duplicate a handle"; | 401 PLOG(ERROR) << "Failed to duplicate a handle"; |
| 406 ReportFatalError(); | 402 ReportFatalError(); |
| 407 return; | 403 return; |
| 408 } | 404 } |
| 409 ScopedHandle limited_handle(temp_handle); | 405 ScopedHandle limited_handle(temp_handle); |
| 410 | 406 |
| 411 event_handler_->OnProcessLaunched(std::move(limited_handle)); | 407 event_handler_->OnProcessLaunched(std::move(limited_handle)); |
| 412 } | 408 } |
| 413 | 409 |
| 414 } // namespace remoting | 410 } // namespace remoting |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2680973006:
Mojo EDK: Add safe process connection API (Closed)
