Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(605)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/win/src/broker_services.cc

Issue 606443002: Remove implicit HANDLE conversions from sandbox. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 6 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | sandbox/win/src/handle_closer_test.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sandbox/win/src/broker_services.h" 5 #include "sandbox/win/src/broker_services.h"
6 6
7 #include <AclAPI.h> 7 #include <AclAPI.h>
8 8
9 #include "base/logging.h" 9 #include "base/logging.h"
10 #include "base/memory/scoped_ptr.h" 10 #include "base/memory/scoped_ptr.h"
(...skipping 439 matching lines...) Expand 10 before | Expand all | Expand 10 after
450 // Construct the thread pool here in case it is expensive. 450 // Construct the thread pool here in case it is expensive.
451 // The thread pool is shared by all the targets 451 // The thread pool is shared by all the targets
452 if (NULL == thread_pool_) 452 if (NULL == thread_pool_)
453 thread_pool_ = new Win2kThreadPool(); 453 thread_pool_ = new Win2kThreadPool();
454 454
455 // Create the TargetProces object and spawn the target suspended. Note that 455 // Create the TargetProces object and spawn the target suspended. Note that
456 // Brokerservices does not own the target object. It is owned by the Policy. 456 // Brokerservices does not own the target object. It is owned by the Policy.
457 base::win::ScopedProcessInformation process_info; 457 base::win::ScopedProcessInformation process_info;
458 TargetProcess* target = new TargetProcess(initial_token.Take(), 458 TargetProcess* target = new TargetProcess(initial_token.Take(),
459 lockdown_token.Take(), 459 lockdown_token.Take(),
460 job, 460 job.Get(),
461 thread_pool_); 461 thread_pool_);
462 462
463 DWORD win_result = target->Create(exe_path, command_line, inherit_handles, 463 DWORD win_result = target->Create(exe_path, command_line, inherit_handles,
464 startup_info, &process_info); 464 startup_info, &process_info);
465 if (ERROR_SUCCESS != win_result) 465 if (ERROR_SUCCESS != win_result)
466 return SpawnCleanup(target, win_result); 466 return SpawnCleanup(target, win_result);
467 467
468 // Now the policy is the owner of the target. 468 // Now the policy is the owner of the target.
469 if (!policy_base->AddTarget(target)) { 469 if (!policy_base->AddTarget(target)) {
470 return SpawnCleanup(target, 0); 470 return SpawnCleanup(target, 0);
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after
527 SYNCHRONIZE, FALSE, 0)) { 527 SYNCHRONIZE, FALSE, 0)) {
528 return SBOX_ERROR_GENERIC; 528 return SBOX_ERROR_GENERIC;
529 } 529 }
530 peer->process.Set(process_handle); 530 peer->process.Set(process_handle);
531 531
532 AutoLock lock(&lock_); 532 AutoLock lock(&lock_);
533 if (!peer_map_.insert(std::make_pair(peer->id, peer.get())).second) 533 if (!peer_map_.insert(std::make_pair(peer->id, peer.get())).second)
534 return SBOX_ERROR_BAD_PARAMS; 534 return SBOX_ERROR_BAD_PARAMS;
535 535
536 if (!::RegisterWaitForSingleObject( 536 if (!::RegisterWaitForSingleObject(
537 &peer->wait_object, peer->process, RemovePeer, peer.get(), INFINITE, 537 &peer->wait_object, peer->process.Get(), RemovePeer, peer.get(),
538 WT_EXECUTEONLYONCE | WT_EXECUTEINWAITTHREAD)) { 538 INFINITE, WT_EXECUTEONLYONCE | WT_EXECUTEINWAITTHREAD)) {
539 peer_map_.erase(peer->id); 539 peer_map_.erase(peer->id);
540 return SBOX_ERROR_GENERIC; 540 return SBOX_ERROR_GENERIC;
541 } 541 }
542 542
543 // Release the pointer since it will be cleaned up by the callback. 543 // Release the pointer since it will be cleaned up by the callback.
544 peer.release(); 544 peer.release();
545 return SBOX_ALL_OK; 545 return SBOX_ALL_OK;
546 } 546 }
547 547
548 ResultCode BrokerServicesBase::InstallAppContainer(const wchar_t* sid, 548 ResultCode BrokerServicesBase::InstallAppContainer(const wchar_t* sid,
(...skipping 16 matching lines...) Expand all
565 return SBOX_ERROR_UNSUPPORTED; 565 return SBOX_ERROR_UNSUPPORTED;
566 566
567 base::string16 name = LookupAppContainer(sid); 567 base::string16 name = LookupAppContainer(sid);
568 if (name.empty()) 568 if (name.empty())
569 return SBOX_ERROR_INVALID_APP_CONTAINER; 569 return SBOX_ERROR_INVALID_APP_CONTAINER;
570 570
571 return DeleteAppContainer(sid); 571 return DeleteAppContainer(sid);
572 } 572 }
573 573
574 } // namespace sandbox 574 } // namespace sandbox
OLDNEW
« no previous file with comments | « no previous file | sandbox/win/src/handle_closer_test.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698