Chromium Code Reviews Chromium Code Reviews
Issue 2961333002:
Fix field trials not working in utility processes. (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/process/process_info.h" | 5 #include "base/process/process_info.h" |
| 6 | 6 |
| 7 #include <windows.h> | 7 #include <windows.h> |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/memory/ptr_util.h" | 10 #include "base/memory/ptr_util.h" |
| 11 #include "base/time/time.h" | 11 #include "base/time/time.h" |
| 12 #include "base/win/scoped_handle.h" | 12 #include "base/win/scoped_handle.h" |
| 13 | 13 |
| 14 namespace base { | 14 namespace base { |
| 15 | 15 |
| 16 namespace { | |
| 17 | |
| 18 HANDLE GetCurrentProcessToken() { | |
|
(unused - use chromium)
2017/06/30 16:15:18
We should probably make ScopedHandle movable and r
jam
2017/06/30 16:16:49
yep agreed, i checked first to see if it's moveabl
| |
| 19 HANDLE process_token; | |
| 20 OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &process_token); | |
| 21 DCHECK(process_token != NULL && process_token != INVALID_HANDLE_VALUE); | |
| 22 return process_token; | |
| 23 } | |
| 24 | |
| 25 } // namespace | |
| 26 | |
| 16 // static | 27 // static |
| 17 const Time CurrentProcessInfo::CreationTime() { | 28 const Time CurrentProcessInfo::CreationTime() { |
| 18 FILETIME creation_time = {}; | 29 FILETIME creation_time = {}; |
| 19 FILETIME ignore1 = {}; | 30 FILETIME ignore1 = {}; |
| 20 FILETIME ignore2 = {}; | 31 FILETIME ignore2 = {}; |
| 21 FILETIME ignore3 = {}; | 32 FILETIME ignore3 = {}; |
| 22 if (!::GetProcessTimes(::GetCurrentProcess(), &creation_time, &ignore1, | 33 if (!::GetProcessTimes(::GetCurrentProcess(), &creation_time, &ignore1, |
| 23 &ignore2, &ignore3)) { | 34 &ignore2, &ignore3)) { |
| 24 return Time(); | 35 return Time(); |
| 25 } | 36 } |
| 26 return Time::FromFileTime(creation_time); | 37 return Time::FromFileTime(creation_time); |
| 27 } | 38 } |
| 28 | 39 |
| 29 IntegrityLevel GetCurrentProcessIntegrityLevel() { | 40 IntegrityLevel GetCurrentProcessIntegrityLevel() { |
| 30 HANDLE process_token; | 41 base::win::ScopedHandle scoped_process_token(GetCurrentProcessToken()); |
| 31 if (!::OpenProcessToken(::GetCurrentProcess(), | |
| 32 TOKEN_QUERY | TOKEN_QUERY_SOURCE, &process_token)) { | |
| 33 return INTEGRITY_UNKNOWN; | |
| 34 } | |
| 35 win::ScopedHandle scoped_process_token(process_token); | |
| 36 | 42 |
| 37 DWORD token_info_length = 0; | 43 DWORD token_info_length = 0; |
| 38 if (::GetTokenInformation(process_token, TokenIntegrityLevel, nullptr, 0, | 44 if (::GetTokenInformation(scoped_process_token.Get(), TokenIntegrityLevel, |
| 39 &token_info_length) || | 45 nullptr, 0, &token_info_length) || |
| 40 ::GetLastError() != ERROR_INSUFFICIENT_BUFFER) { | 46 ::GetLastError() != ERROR_INSUFFICIENT_BUFFER) { |
| 41 return INTEGRITY_UNKNOWN; | 47 return INTEGRITY_UNKNOWN; |
| 42 } | 48 } |
| 43 | 49 |
| 44 auto token_label_bytes = MakeUnique<char[]>(token_info_length); | 50 auto token_label_bytes = MakeUnique<char[]>(token_info_length); |
| 45 TOKEN_MANDATORY_LABEL* token_label = | 51 TOKEN_MANDATORY_LABEL* token_label = |
| 46 reinterpret_cast<TOKEN_MANDATORY_LABEL*>(token_label_bytes.get()); | 52 reinterpret_cast<TOKEN_MANDATORY_LABEL*>(token_label_bytes.get()); |
| 47 if (!::GetTokenInformation(process_token, TokenIntegrityLevel, token_label, | 53 if (!::GetTokenInformation(scoped_process_token.Get(), TokenIntegrityLevel, |
| 48 token_info_length, &token_info_length)) { | 54 token_label, token_info_length, |
| 55 &token_info_length)) { | |
| 49 return INTEGRITY_UNKNOWN; | 56 return INTEGRITY_UNKNOWN; |
| 50 } | 57 } |
| 51 | 58 |
| 52 DWORD integrity_level = *::GetSidSubAuthority( | 59 DWORD integrity_level = *::GetSidSubAuthority( |
| 53 token_label->Label.Sid, | 60 token_label->Label.Sid, |
| 54 static_cast<DWORD>(*::GetSidSubAuthorityCount(token_label->Label.Sid) - | 61 static_cast<DWORD>(*::GetSidSubAuthorityCount(token_label->Label.Sid) - |
| 55 1)); | 62 1)); |
| 56 | 63 |
| 57 if (integrity_level < SECURITY_MANDATORY_MEDIUM_RID) | 64 if (integrity_level < SECURITY_MANDATORY_MEDIUM_RID) |
| 58 return LOW_INTEGRITY; | 65 return LOW_INTEGRITY; |
| 59 | 66 |
| 60 if (integrity_level >= SECURITY_MANDATORY_MEDIUM_RID && | 67 if (integrity_level >= SECURITY_MANDATORY_MEDIUM_RID && |
| 61 integrity_level < SECURITY_MANDATORY_HIGH_RID) { | 68 integrity_level < SECURITY_MANDATORY_HIGH_RID) { |
| 62 return MEDIUM_INTEGRITY; | 69 return MEDIUM_INTEGRITY; |
| 63 } | 70 } |
| 64 | 71 |
| 65 if (integrity_level >= SECURITY_MANDATORY_HIGH_RID) | 72 if (integrity_level >= SECURITY_MANDATORY_HIGH_RID) |
| 66 return HIGH_INTEGRITY; | 73 return HIGH_INTEGRITY; |
| 67 | 74 |
| 68 NOTREACHED(); | 75 NOTREACHED(); |
| 69 return INTEGRITY_UNKNOWN; | 76 return INTEGRITY_UNKNOWN; |
| 70 } | 77 } |
| 71 | 78 |
| 79 bool IsCurrentProcessElevated() { | |
| 80 base::win::ScopedHandle scoped_process_token(GetCurrentProcessToken()); | |
| 81 | |
| 82 // Unlike TOKEN_ELEVATION_TYPE which returns TokenElevationTypeDefault when | |
| 83 // UAC is turned off, TOKEN_ELEVATION returns whether the process is elevated. | |
| 84 DWORD size; | |
| 85 TOKEN_ELEVATION elevation; | |
| 86 if (!GetTokenInformation(scoped_process_token.Get(), TokenElevation, | |
| 87 &elevation, sizeof(elevation), &size)) { | |
| 88 PLOG(ERROR) << "GetTokenInformation() failed"; | |
| 89 return false; | |
| 90 } | |
| 91 return !!elevation.TokenIsElevated; | |
| 92 } | |
| 93 | |
| 72 } // namespace base | 94 } // namespace base |
| OLD | NEW |
