| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/win/src/broker_services.h" | 5 #include "sandbox/win/src/broker_services.h" |
| 6 | 6 |
| 7 #include <AclAPI.h> | 7 #include <AclAPI.h> |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/memory/scoped_ptr.h" | 10 #include "base/memory/scoped_ptr.h" |
| (...skipping 331 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 342 // 1 thread. This is to protect the global variables used while setting up | 342 // 1 thread. This is to protect the global variables used while setting up |
| 343 // the child process. | 343 // the child process. |
| 344 static DWORD thread_id = ::GetCurrentThreadId(); | 344 static DWORD thread_id = ::GetCurrentThreadId(); |
| 345 DCHECK(thread_id == ::GetCurrentThreadId()); | 345 DCHECK(thread_id == ::GetCurrentThreadId()); |
| 346 | 346 |
| 347 AutoLock lock(&lock_); | 347 AutoLock lock(&lock_); |
| 348 | 348 |
| 349 // This downcast is safe as long as we control CreatePolicy() | 349 // This downcast is safe as long as we control CreatePolicy() |
| 350 PolicyBase* policy_base = static_cast<PolicyBase*>(policy); | 350 PolicyBase* policy_base = static_cast<PolicyBase*>(policy); |
| 351 | 351 |
| 352 if (policy_base->GetAppContainer() && policy_base->GetLowBoxSid()) |
| 353 return SBOX_ERROR_BAD_PARAMS; |
| 354 |
| 352 // Construct the tokens and the job object that we are going to associate | 355 // Construct the tokens and the job object that we are going to associate |
| 353 // with the soon to be created target process. | 356 // with the soon to be created target process. |
| 354 HANDLE initial_token_temp; | 357 HANDLE initial_token_temp; |
| 355 HANDLE lockdown_token_temp; | 358 HANDLE lockdown_token_temp; |
| 356 ResultCode result = SBOX_ALL_OK; | 359 ResultCode result = SBOX_ALL_OK; |
| 357 | 360 |
| 358 if (IsTokenCacheable(policy_base)) { | 361 if (IsTokenCacheable(policy_base)) { |
| 359 // Create the master tokens only once and save them in a cache. That way | 362 // Create the master tokens only once and save them in a cache. That way |
| 360 // can just duplicate them to avoid hammering LSASS on every sandboxed | 363 // can just duplicate them to avoid hammering LSASS on every sandboxed |
| 361 // process launch. | 364 // process launch. |
| (...skipping 113 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 475 | 478 |
| 476 // Create the TargetProces object and spawn the target suspended. Note that | 479 // Create the TargetProces object and spawn the target suspended. Note that |
| 477 // Brokerservices does not own the target object. It is owned by the Policy. | 480 // Brokerservices does not own the target object. It is owned by the Policy. |
| 478 base::win::ScopedProcessInformation process_info; | 481 base::win::ScopedProcessInformation process_info; |
| 479 TargetProcess* target = new TargetProcess(initial_token.Take(), | 482 TargetProcess* target = new TargetProcess(initial_token.Take(), |
| 480 lockdown_token.Take(), | 483 lockdown_token.Take(), |
| 481 job.Get(), | 484 job.Get(), |
| 482 thread_pool_); | 485 thread_pool_); |
| 483 | 486 |
| 484 DWORD win_result = target->Create(exe_path, command_line, inherit_handles, | 487 DWORD win_result = target->Create(exe_path, command_line, inherit_handles, |
| 488 policy_base->GetLowBoxSid() ? true : false, |
| 485 startup_info, &process_info); | 489 startup_info, &process_info); |
| 486 if (ERROR_SUCCESS != win_result) | 490 if (ERROR_SUCCESS != win_result) |
| 487 return SpawnCleanup(target, win_result); | 491 return SpawnCleanup(target, win_result); |
| 488 | 492 |
| 489 // Now the policy is the owner of the target. | 493 // Now the policy is the owner of the target. |
| 490 if (!policy_base->AddTarget(target)) { | 494 if (!policy_base->AddTarget(target)) { |
| 491 return SpawnCleanup(target, 0); | 495 return SpawnCleanup(target, 0); |
| 492 } | 496 } |
| 493 | 497 |
| 494 // We are going to keep a pointer to the policy because we'll call it when | 498 // We are going to keep a pointer to the policy because we'll call it when |
| (...skipping 91 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 586 return SBOX_ERROR_UNSUPPORTED; | 590 return SBOX_ERROR_UNSUPPORTED; |
| 587 | 591 |
| 588 base::string16 name = LookupAppContainer(sid); | 592 base::string16 name = LookupAppContainer(sid); |
| 589 if (name.empty()) | 593 if (name.empty()) |
| 590 return SBOX_ERROR_INVALID_APP_CONTAINER; | 594 return SBOX_ERROR_INVALID_APP_CONTAINER; |
| 591 | 595 |
| 592 return DeleteAppContainer(sid); | 596 return DeleteAppContainer(sid); |
| 593 } | 597 } |
| 594 | 598 |
| 595 } // namespace sandbox | 599 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 937353002:
Adding method to create process using LowBox token in sandbox code. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master