| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 // | 4 // |
| 5 // This file implements the Windows service controlling Me2Me host processes | 5 // This file implements the Windows service controlling Me2Me host processes |
| 6 // running within user sessions. | 6 // running within user sessions. |
| 7 | 7 |
| 8 #include "remoting/host/win/wts_session_process_delegate.h" | 8 #include "remoting/host/win/wts_session_process_delegate.h" |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 170 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 181 } | 181 } |
| 182 | 182 |
| 183 // Limit the number of active processes in the job to two (the helper | 183 // Limit the number of active processes in the job to two (the helper |
| 184 // process performing elevation and the worker process itself) and make sure | 184 // process performing elevation and the worker process itself) and make sure |
| 185 // that all processes will be killed once the job object is destroyed. | 185 // that all processes will be killed once the job object is destroyed. |
| 186 JOBOBJECT_EXTENDED_LIMIT_INFORMATION info; | 186 JOBOBJECT_EXTENDED_LIMIT_INFORMATION info; |
| 187 memset(&info, 0, sizeof(info)); | 187 memset(&info, 0, sizeof(info)); |
| 188 info.BasicLimitInformation.LimitFlags = JOB_OBJECT_LIMIT_ACTIVE_PROCESS | | 188 info.BasicLimitInformation.LimitFlags = JOB_OBJECT_LIMIT_ACTIVE_PROCESS | |
| 189 JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE; | 189 JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE; |
| 190 info.BasicLimitInformation.ActiveProcessLimit = 2; | 190 info.BasicLimitInformation.ActiveProcessLimit = 2; |
| 191 if (!SetInformationJobObject(job, | 191 if (!SetInformationJobObject(job.Get(), |
| 192 JobObjectExtendedLimitInformation, | 192 JobObjectExtendedLimitInformation, |
| 193 &info, | 193 &info, |
| 194 sizeof(info))) { | 194 sizeof(info))) { |
| 195 PLOG(ERROR) << "Failed to set limits on the job object"; | 195 PLOG(ERROR) << "Failed to set limits on the job object"; |
| 196 return false; | 196 return false; |
| 197 } | 197 } |
| 198 | 198 |
| 199 // ScopedHandle is not compatible with base::Passed, so we wrap it to | 199 // ScopedHandle is not compatible with base::Passed, so we wrap it to |
| 200 // a scoped pointer. | 200 // a scoped pointer. |
| 201 scoped_ptr<ScopedHandle> job_wrapper(new ScopedHandle()); | 201 scoped_ptr<ScopedHandle> job_wrapper(new ScopedHandle()); |
| (...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 254 void WtsSessionProcessDelegate::Core::KillProcess() { | 254 void WtsSessionProcessDelegate::Core::KillProcess() { |
| 255 DCHECK(caller_task_runner_->BelongsToCurrentThread()); | 255 DCHECK(caller_task_runner_->BelongsToCurrentThread()); |
| 256 | 256 |
| 257 channel_.reset(); | 257 channel_.reset(); |
| 258 event_handler_ = NULL; | 258 event_handler_ = NULL; |
| 259 launch_pending_ = false; | 259 launch_pending_ = false; |
| 260 pipe_.Close(); | 260 pipe_.Close(); |
| 261 | 261 |
| 262 if (launch_elevated_) { | 262 if (launch_elevated_) { |
| 263 if (job_.IsValid()) | 263 if (job_.IsValid()) |
| 264 TerminateJobObject(job_, CONTROL_C_EXIT); | 264 TerminateJobObject(job_.Get(), CONTROL_C_EXIT); |
| 265 } else { | 265 } else { |
| 266 if (worker_process_.IsValid()) | 266 if (worker_process_.IsValid()) |
| 267 TerminateProcess(worker_process_, CONTROL_C_EXIT); | 267 TerminateProcess(worker_process_.Get(), CONTROL_C_EXIT); |
| 268 } | 268 } |
| 269 | 269 |
| 270 worker_process_.Close(); | 270 worker_process_.Close(); |
| 271 } | 271 } |
| 272 | 272 |
| 273 WtsSessionProcessDelegate::Core::~Core() { | 273 WtsSessionProcessDelegate::Core::~Core() { |
| 274 DCHECK(!channel_); | 274 DCHECK(!channel_); |
| 275 DCHECK(!event_handler_); | 275 DCHECK(!event_handler_); |
| 276 DCHECK(!pipe_.IsValid()); | 276 DCHECK(!pipe_.IsValid()); |
| 277 DCHECK(!worker_process_.IsValid()); | 277 DCHECK(!worker_process_.IsValid()); |
| (...skipping 21 matching lines...) Expand all Loading... |
| 299 } | 299 } |
| 300 | 300 |
| 301 void WtsSessionProcessDelegate::Core::OnChannelConnected(int32 peer_pid) { | 301 void WtsSessionProcessDelegate::Core::OnChannelConnected(int32 peer_pid) { |
| 302 DCHECK(caller_task_runner_->BelongsToCurrentThread()); | 302 DCHECK(caller_task_runner_->BelongsToCurrentThread()); |
| 303 | 303 |
| 304 // Report the worker PID now if the worker process is launched indirectly. | 304 // Report the worker PID now if the worker process is launched indirectly. |
| 305 // Note that in this case the pipe's security descriptor is the only | 305 // Note that in this case the pipe's security descriptor is the only |
| 306 // protection against a malicious processed connecting to the pipe. | 306 // protection against a malicious processed connecting to the pipe. |
| 307 if (launch_elevated_) { | 307 if (launch_elevated_) { |
| 308 DWORD pid; | 308 DWORD pid; |
| 309 if (!get_named_pipe_client_pid_(pipe_, &pid)) { | 309 if (!get_named_pipe_client_pid_(pipe_.Get(), &pid)) { |
| 310 PLOG(ERROR) << "Failed to retrive PID of the client"; | 310 PLOG(ERROR) << "Failed to retrive PID of the client"; |
| 311 ReportFatalError(); | 311 ReportFatalError(); |
| 312 return; | 312 return; |
| 313 } | 313 } |
| 314 | 314 |
| 315 if (pid != static_cast<DWORD>(peer_pid)) { | 315 if (pid != static_cast<DWORD>(peer_pid)) { |
| 316 LOG(ERROR) << "The actual client PID " << pid | 316 LOG(ERROR) << "The actual client PID " << pid |
| 317 << " does not match the one reported by the client: " | 317 << " does not match the one reported by the client: " |
| 318 << peer_pid; | 318 << peer_pid; |
| 319 ReportFatalError(); | 319 ReportFatalError(); |
| (...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 373 // Create the server end of the IPC channel. | 373 // Create the server end of the IPC channel. |
| 374 std::string channel_name = IPC::Channel::GenerateUniqueRandomChannelID(); | 374 std::string channel_name = IPC::Channel::GenerateUniqueRandomChannelID(); |
| 375 ScopedHandle pipe; | 375 ScopedHandle pipe; |
| 376 if (!CreateIpcChannel(channel_name, channel_security_, &pipe)) { | 376 if (!CreateIpcChannel(channel_name, channel_security_, &pipe)) { |
| 377 ReportFatalError(); | 377 ReportFatalError(); |
| 378 return; | 378 return; |
| 379 } | 379 } |
| 380 | 380 |
| 381 // Wrap the pipe into an IPC channel. | 381 // Wrap the pipe into an IPC channel. |
| 382 scoped_ptr<IPC::ChannelProxy> channel( | 382 scoped_ptr<IPC::ChannelProxy> channel( |
| 383 IPC::ChannelProxy::Create(IPC::ChannelHandle(pipe), | 383 IPC::ChannelProxy::Create(IPC::ChannelHandle(pipe.Get()), |
| 384 IPC::Channel::MODE_SERVER, | 384 IPC::Channel::MODE_SERVER, |
| 385 this, | 385 this, |
| 386 io_task_runner_)); | 386 io_task_runner_)); |
| 387 | 387 |
| 388 // Pass the name of the IPC channel to use. | 388 // Pass the name of the IPC channel to use. |
| 389 command_line.AppendSwitchNative(kDaemonPipeSwitchName, | 389 command_line.AppendSwitchNative(kDaemonPipeSwitchName, |
| 390 base::UTF8ToWide(channel_name)); | 390 base::UTF8ToWide(channel_name)); |
| 391 | 391 |
| 392 // Try to launch the process. | 392 // Try to launch the process. |
| 393 ScopedHandle worker_process; | 393 ScopedHandle worker_process; |
| 394 ScopedHandle worker_thread; | 394 ScopedHandle worker_thread; |
| 395 if (!LaunchProcessWithToken(command_line.GetProgram(), | 395 if (!LaunchProcessWithToken(command_line.GetProgram(), |
| 396 command_line.GetCommandLineString(), | 396 command_line.GetCommandLineString(), |
| 397 session_token_, | 397 session_token_.Get(), |
| 398 NULL, | 398 NULL, |
| 399 NULL, | 399 NULL, |
| 400 false, | 400 false, |
| 401 CREATE_SUSPENDED | CREATE_BREAKAWAY_FROM_JOB, | 401 CREATE_SUSPENDED | CREATE_BREAKAWAY_FROM_JOB, |
| 402 base::UTF8ToUTF16(kDefaultDesktopName).c_str(), | 402 base::UTF8ToUTF16(kDefaultDesktopName).c_str(), |
| 403 &worker_process, | 403 &worker_process, |
| 404 &worker_thread)) { | 404 &worker_thread)) { |
| 405 ReportFatalError(); | 405 ReportFatalError(); |
| 406 return; | 406 return; |
| 407 } | 407 } |
| 408 | 408 |
| 409 if (launch_elevated_) { | 409 if (launch_elevated_) { |
| 410 if (!AssignProcessToJobObject(job_, worker_process)) { | 410 if (!AssignProcessToJobObject(job_.Get(), worker_process.Get())) { |
| 411 PLOG(ERROR) << "Failed to assign the worker to the job object"; | 411 PLOG(ERROR) << "Failed to assign the worker to the job object"; |
| 412 ReportFatalError(); | 412 ReportFatalError(); |
| 413 return; | 413 return; |
| 414 } | 414 } |
| 415 } | 415 } |
| 416 | 416 |
| 417 if (!ResumeThread(worker_thread)) { | 417 if (!ResumeThread(worker_thread.Get())) { |
| 418 PLOG(ERROR) << "Failed to resume the worker thread"; | 418 PLOG(ERROR) << "Failed to resume the worker thread"; |
| 419 ReportFatalError(); | 419 ReportFatalError(); |
| 420 return; | 420 return; |
| 421 } | 421 } |
| 422 | 422 |
| 423 channel_ = channel.Pass(); | 423 channel_ = channel.Pass(); |
| 424 pipe_ = pipe.Pass(); | 424 pipe_ = pipe.Pass(); |
| 425 | 425 |
| 426 // Report success if the worker process is lauched directly. Otherwise, PID of | 426 // Report success if the worker process is lauched directly. Otherwise, PID of |
| 427 // the client connected to the pipe will be used later. See | 427 // the client connected to the pipe will be used later. See |
| (...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 506 DCHECK(!worker_process_.IsValid()); | 506 DCHECK(!worker_process_.IsValid()); |
| 507 | 507 |
| 508 worker_process_ = worker_process.Pass(); | 508 worker_process_ = worker_process.Pass(); |
| 509 | 509 |
| 510 // Report a handle that can be used to wait for the worker process completion, | 510 // Report a handle that can be used to wait for the worker process completion, |
| 511 // query information about the process and duplicate handles. | 511 // query information about the process and duplicate handles. |
| 512 DWORD desired_access = | 512 DWORD desired_access = |
| 513 SYNCHRONIZE | PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION; | 513 SYNCHRONIZE | PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION; |
| 514 HANDLE temp_handle; | 514 HANDLE temp_handle; |
| 515 if (!DuplicateHandle(GetCurrentProcess(), | 515 if (!DuplicateHandle(GetCurrentProcess(), |
| 516 worker_process_, | 516 worker_process_.Get(), |
| 517 GetCurrentProcess(), | 517 GetCurrentProcess(), |
| 518 &temp_handle, | 518 &temp_handle, |
| 519 desired_access, | 519 desired_access, |
| 520 FALSE, | 520 FALSE, |
| 521 0)) { | 521 0)) { |
| 522 PLOG(ERROR) << "Failed to duplicate a handle"; | 522 PLOG(ERROR) << "Failed to duplicate a handle"; |
| 523 ReportFatalError(); | 523 ReportFatalError(); |
| 524 return; | 524 return; |
| 525 } | 525 } |
| 526 ScopedHandle limited_handle(temp_handle); | 526 ScopedHandle limited_handle(temp_handle); |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 558 | 558 |
| 559 void WtsSessionProcessDelegate::CloseChannel() { | 559 void WtsSessionProcessDelegate::CloseChannel() { |
| 560 core_->CloseChannel(); | 560 core_->CloseChannel(); |
| 561 } | 561 } |
| 562 | 562 |
| 563 void WtsSessionProcessDelegate::KillProcess() { | 563 void WtsSessionProcessDelegate::KillProcess() { |
| 564 core_->KillProcess(); | 564 core_->KillProcess(); |
| 565 } | 565 } |
| 566 | 566 |
| 567 } // namespace remoting | 567 } // namespace remoting |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 602763003:
Remove implicit HANDLE conversions from remoting. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master