1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/security/sandbox/win/src/target_process.h Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,132 @@
1.4 +// Copyright (c) 2012 The Chromium Authors. All rights reserved.
1.5 +// Use of this source code is governed by a BSD-style license that can be
1.6 +// found in the LICENSE file.
1.7 +
1.8 +#ifndef SANDBOX_WIN_SRC_TARGET_PROCESS_H_
1.9 +#define SANDBOX_WIN_SRC_TARGET_PROCESS_H_
1.10 +
1.11 +#include <windows.h>
1.12 +
1.13 +#include "base/basictypes.h"
1.14 +#include "base/memory/scoped_ptr.h"
1.15 +#include "base/win/scoped_handle.h"
1.16 +#include "base/win/scoped_process_information.h"
1.17 +#include "sandbox/win/src/crosscall_server.h"
1.18 +#include "sandbox/win/src/sandbox_types.h"
1.19 +
1.20 +namespace base {
1.21 +namespace win {
1.22 +
1.23 +class StartupInformation;
1.24 +
1.25 +}; // namespace win
1.26 +}; // namespace base
1.27 +
1.28 +namespace sandbox {
1.29 +
1.30 +class AttributeList;
1.31 +class SharedMemIPCServer;
1.32 +class ThreadProvider;
1.33 +
1.34 +// TargetProcess models a target instance (child process). Objects of this
1.35 +// class are owned by the Policy used to create them.
1.36 +class TargetProcess {
1.37 + public:
1.38 + // The constructor takes ownership of |initial_token| and |lockdown_token|.
1.39 + TargetProcess(HANDLE initial_token, HANDLE lockdown_token, HANDLE job,
1.40 + ThreadProvider* thread_pool);
1.41 + ~TargetProcess();
1.42 +
1.43 + // TODO(cpu): Currently there does not seem to be a reason to implement
1.44 + // reference counting for this class since is internal, but kept the
1.45 + // the same interface so the interception framework does not need to be
1.46 + // touched at this point.
1.47 + void AddRef() {}
1.48 + void Release() {}
1.49 +
1.50 + // Creates the new target process. The process is created suspended.
1.51 + DWORD Create(const wchar_t* exe_path,
1.52 + const wchar_t* command_line,
1.53 + bool inherit_handles,
1.54 + const base::win::StartupInformation& startup_info,
1.55 + base::win::ScopedProcessInformation* target_info);
1.56 +
1.57 + // Destroys the target process.
1.58 + void Terminate();
1.59 +
1.60 + // Creates the IPC objects such as the BrokerDispatcher and the
1.61 + // IPC server. The IPC server uses the services of the thread_pool.
1.62 + DWORD Init(Dispatcher* ipc_dispatcher, void* policy,
1.63 + uint32 shared_IPC_size, uint32 shared_policy_size);
1.64 +
1.65 + // Returns the handle to the target process.
1.66 + HANDLE Process() const {
1.67 + return sandbox_process_info_.process_handle();
1.68 + }
1.69 +
1.70 + // Returns the handle to the job object that the target process belongs to.
1.71 + HANDLE Job() const {
1.72 + return job_;
1.73 + }
1.74 +
1.75 + // Returns the address of the target main exe. This is used by the
1.76 + // interceptions framework.
1.77 + HMODULE MainModule() const {
1.78 + return reinterpret_cast<HMODULE>(base_address_);
1.79 + }
1.80 +
1.81 + // Returns the name of the executable.
1.82 + const wchar_t* Name() const {
1.83 + return exe_name_.get();
1.84 + }
1.85 +
1.86 + // Returns the process id.
1.87 + DWORD ProcessId() const {
1.88 + return sandbox_process_info_.process_id();
1.89 + }
1.90 +
1.91 + // Returns the handle to the main thread.
1.92 + HANDLE MainThread() const {
1.93 + return sandbox_process_info_.thread_handle();
1.94 + }
1.95 +
1.96 + // Transfers a 32-bit variable between the broker and the target.
1.97 + ResultCode TransferVariable(const char* name, void* address, size_t size);
1.98 +
1.99 + private:
1.100 + // Details of the target process.
1.101 + base::win::ScopedProcessInformation sandbox_process_info_;
1.102 + // The token associated with the process. It provides the core of the
1.103 + // sbox security.
1.104 + base::win::ScopedHandle lockdown_token_;
1.105 + // The token given to the initial thread so that the target process can
1.106 + // start. It has more powers than the lockdown_token.
1.107 + base::win::ScopedHandle initial_token_;
1.108 + // Kernel handle to the shared memory used by the IPC server.
1.109 + base::win::ScopedHandle shared_section_;
1.110 + // Job object containing the target process.
1.111 + HANDLE job_;
1.112 + // Reference to the IPC subsystem.
1.113 + scoped_ptr<SharedMemIPCServer> ipc_server_;
1.114 + // Provides the threads used by the IPC. This class does not own this pointer.
1.115 + ThreadProvider* thread_pool_;
1.116 + // Base address of the main executable
1.117 + void* base_address_;
1.118 + // Full name of the target executable.
1.119 + scoped_ptr_malloc<wchar_t> exe_name_;
1.120 +
1.121 + // Function used for testing.
1.122 + friend TargetProcess* MakeTestTargetProcess(HANDLE process,
1.123 + HMODULE base_address);
1.124 +
1.125 + DISALLOW_IMPLICIT_CONSTRUCTORS(TargetProcess);
1.126 +};
1.127 +
1.128 +// Creates a mock TargetProcess used for testing interceptions.
1.129 +// TODO(cpu): It seems that this method is not going to be used anymore.
1.130 +TargetProcess* MakeTestTargetProcess(HANDLE process, HMODULE base_address);
1.131 +
1.132 +
1.133 +} // namespace sandbox
1.134 +
1.135 +#endif // SANDBOX_WIN_SRC_TARGET_PROCESS_H_
