sandbox/mac/launchd_interception_server.h - Issue 306123012: Do not double-unref send rights when using POLICY_SUBSTITUE_PORT.

Side by Side Diff: sandbox/mac/launchd_interception_server.h

Issue 306123012: Do not double-unref send rights when using POLICY_SUBSTITUE_PORT. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 6 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright 2014 The Chromium Authors. All rights reserved.	1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #ifndef SANDBOX_MAC_LAUNCHD_INTERCEPTION_SERVER_H_	5 #ifndef SANDBOX_MAC_LAUNCHD_INTERCEPTION_SERVER_H_

6 #define SANDBOX_MAC_LAUNCHD_INTERCEPTION_SERVER_H_	6 #define SANDBOX_MAC_LAUNCHD_INTERCEPTION_SERVER_H_

7	7

8 #include <dispatch/dispatch.h>	8 #include <dispatch/dispatch.h>

9 #include <mach/mach.h>	9 #include <mach/mach.h>

10	10

(...skipping 36 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
47 mach_msg_header_t* reply,	47 mach_msg_header_t* reply,

48 pid_t sender_pid);	48 pid_t sender_pid);

49	49

50 // Given a swap_integer request message, this verifies that it is safe, and	50 // Given a swap_integer request message, this verifies that it is safe, and

51 // if so, forwards it on to launchd for servicing. If the request is unsafe,	51 // if so, forwards it on to launchd for servicing. If the request is unsafe,

52 // it replies with an error.	52 // it replies with an error.

53 void HandleSwapInteger(mach_msg_header_t* request,	53 void HandleSwapInteger(mach_msg_header_t* request,

54 mach_msg_header_t* reply,	54 mach_msg_header_t* reply,

55 pid_t sender_pid);	55 pid_t sender_pid);

56	56

57 // Sends a reply message.	57 // Sends a reply message. Returns true if the message was sent successfully.

58 void SendReply(mach_msg_header_t* reply);	58 bool SendReply(mach_msg_header_t* reply);

59	59

60 // Forwards the original \|request\| on to real bootstrap server for handling.	60 // Forwards the original \|request\| on to real bootstrap server for handling.

61 void ForwardMessage(mach_msg_header_t* request, mach_msg_header_t* reply);	61 void ForwardMessage(mach_msg_header_t* request, mach_msg_header_t* reply);

62	62

63 // Replies to the message with the specified \|error_code\| as a MIG	63 // Replies to the message with the specified \|error_code\| as a MIG

64 // error_reply RetCode.	64 // error_reply RetCode.

65 void RejectMessage(mach_msg_header_t* request,	65 void RejectMessage(mach_msg_header_t* request,

66 mach_msg_header_t* reply,	66 mach_msg_header_t* reply,

67 int error_code);	67 int error_code);

68	68

(...skipping 12 matching lines...) Expand all Loading...
81 // Request and reply buffers used in ReceiveMessage.	81 // Request and reply buffers used in ReceiveMessage.

82 base::mac::ScopedMachVM request_buffer_;	82 base::mac::ScopedMachVM request_buffer_;

83 base::mac::ScopedMachVM reply_buffer_;	83 base::mac::ScopedMachVM reply_buffer_;

84	84

85 // Whether or not ForwardMessage() was called during ReceiveMessage().	85 // Whether or not ForwardMessage() was called during ReceiveMessage().

86 bool did_forward_message_;	86 bool did_forward_message_;

87	87

88 // The Mach port handed out in reply to denied look up requests. All denied	88 // The Mach port handed out in reply to denied look up requests. All denied

89 // requests share the same port, though nothing reads messages from it.	89 // requests share the same port, though nothing reads messages from it.

90 base::mac::ScopedMachReceiveRight sandbox_port_;	90 base::mac::ScopedMachReceiveRight sandbox_port_;

	91 // Any sandbox Rules that use the sandbox_port_ will need a send right to

	92 // copy.
	Mark Mentovai 2014/06/02 22:44:15 This sentence is awkward. “will need a send right This sentence is awkward. “will need a send right to be copied” is maybe a tiny better. As it is, it kinda sounds like you need a send right to some receiver named copy. Robert Sesek 2014/06/02 23:28:51 Done. Reworded to: "The send right for the above Show quoted text On 2014/06/02 22:44:15, Mark Mentovai wrote: > This sentence is awkward. “will need a send right to be copied” is maybe a tiny > better. As it is, it kinda sounds like you need a send right to some receiver > named copy. Done. Reworded to: "The send right for the above \|sandbox_port_\|, used with MACH_MSG_TYPE_COPY_SEND when handing out references to the dummy port."
	93 base::mac::ScopedMachSendRight sandbox_send_port_;

91	94

92 // The compatibility shim that handles differences in message header IDs and	95 // The compatibility shim that handles differences in message header IDs and

93 // request/reply structures between different OS X versions.	96 // request/reply structures between different OS X versions.

94 const LaunchdCompatibilityShim compat_shim_;	97 const LaunchdCompatibilityShim compat_shim_;

95 };	98 };

96	99

97 } // namespace sandbox	100 } // namespace sandbox

98	101

99 #endif // SANDBOX_MAC_LAUNCHD_INTERCEPTION_SERVER_H_	102 #endif // SANDBOX_MAC_LAUNCHD_INTERCEPTION_SERVER_H_

OLD	NEW

« no previous file with comments | « sandbox/mac/bootstrap_sandbox_unittest.mm ('k') | sandbox/mac/launchd_interception_server.cc » ('j') | no next file with comments »