michael@0: // Copyright (c) 2012 The Chromium Authors. All rights reserved. michael@0: // Use of this source code is governed by a BSD-style license that can be michael@0: // found in the LICENSE file. michael@0: michael@0: #ifndef SANDBOX_WIN_SRC_TARGET_PROCESS_H_ michael@0: #define SANDBOX_WIN_SRC_TARGET_PROCESS_H_ michael@0: michael@0: #include michael@0: michael@0: #include "base/basictypes.h" michael@0: #include "base/memory/scoped_ptr.h" michael@0: #include "base/win/scoped_handle.h" michael@0: #include "base/win/scoped_process_information.h" michael@0: #include "sandbox/win/src/crosscall_server.h" michael@0: #include "sandbox/win/src/sandbox_types.h" michael@0: michael@0: namespace base { michael@0: namespace win { michael@0: michael@0: class StartupInformation; michael@0: michael@0: }; // namespace win michael@0: }; // namespace base michael@0: michael@0: namespace sandbox { michael@0: michael@0: class AttributeList; michael@0: class SharedMemIPCServer; michael@0: class ThreadProvider; michael@0: michael@0: // TargetProcess models a target instance (child process). Objects of this michael@0: // class are owned by the Policy used to create them. michael@0: class TargetProcess { michael@0: public: michael@0: // The constructor takes ownership of |initial_token| and |lockdown_token|. michael@0: TargetProcess(HANDLE initial_token, HANDLE lockdown_token, HANDLE job, michael@0: ThreadProvider* thread_pool); michael@0: ~TargetProcess(); michael@0: michael@0: // TODO(cpu): Currently there does not seem to be a reason to implement michael@0: // reference counting for this class since is internal, but kept the michael@0: // the same interface so the interception framework does not need to be michael@0: // touched at this point. michael@0: void AddRef() {} michael@0: void Release() {} michael@0: michael@0: // Creates the new target process. The process is created suspended. michael@0: DWORD Create(const wchar_t* exe_path, michael@0: const wchar_t* command_line, michael@0: bool inherit_handles, michael@0: const base::win::StartupInformation& startup_info, michael@0: base::win::ScopedProcessInformation* target_info); michael@0: michael@0: // Destroys the target process. michael@0: void Terminate(); michael@0: michael@0: // Creates the IPC objects such as the BrokerDispatcher and the michael@0: // IPC server. The IPC server uses the services of the thread_pool. michael@0: DWORD Init(Dispatcher* ipc_dispatcher, void* policy, michael@0: uint32 shared_IPC_size, uint32 shared_policy_size); michael@0: michael@0: // Returns the handle to the target process. michael@0: HANDLE Process() const { michael@0: return sandbox_process_info_.process_handle(); michael@0: } michael@0: michael@0: // Returns the handle to the job object that the target process belongs to. michael@0: HANDLE Job() const { michael@0: return job_; michael@0: } michael@0: michael@0: // Returns the address of the target main exe. This is used by the michael@0: // interceptions framework. michael@0: HMODULE MainModule() const { michael@0: return reinterpret_cast(base_address_); michael@0: } michael@0: michael@0: // Returns the name of the executable. michael@0: const wchar_t* Name() const { michael@0: return exe_name_.get(); michael@0: } michael@0: michael@0: // Returns the process id. michael@0: DWORD ProcessId() const { michael@0: return sandbox_process_info_.process_id(); michael@0: } michael@0: michael@0: // Returns the handle to the main thread. michael@0: HANDLE MainThread() const { michael@0: return sandbox_process_info_.thread_handle(); michael@0: } michael@0: michael@0: // Transfers a 32-bit variable between the broker and the target. michael@0: ResultCode TransferVariable(const char* name, void* address, size_t size); michael@0: michael@0: private: michael@0: // Details of the target process. michael@0: base::win::ScopedProcessInformation sandbox_process_info_; michael@0: // The token associated with the process. It provides the core of the michael@0: // sbox security. michael@0: base::win::ScopedHandle lockdown_token_; michael@0: // The token given to the initial thread so that the target process can michael@0: // start. It has more powers than the lockdown_token. michael@0: base::win::ScopedHandle initial_token_; michael@0: // Kernel handle to the shared memory used by the IPC server. michael@0: base::win::ScopedHandle shared_section_; michael@0: // Job object containing the target process. michael@0: HANDLE job_; michael@0: // Reference to the IPC subsystem. michael@0: scoped_ptr ipc_server_; michael@0: // Provides the threads used by the IPC. This class does not own this pointer. michael@0: ThreadProvider* thread_pool_; michael@0: // Base address of the main executable michael@0: void* base_address_; michael@0: // Full name of the target executable. michael@0: scoped_ptr_malloc exe_name_; michael@0: michael@0: // Function used for testing. michael@0: friend TargetProcess* MakeTestTargetProcess(HANDLE process, michael@0: HMODULE base_address); michael@0: michael@0: DISALLOW_IMPLICIT_CONSTRUCTORS(TargetProcess); michael@0: }; michael@0: michael@0: // Creates a mock TargetProcess used for testing interceptions. michael@0: // TODO(cpu): It seems that this method is not going to be used anymore. michael@0: TargetProcess* MakeTestTargetProcess(HANDLE process, HMODULE base_address); michael@0: michael@0: michael@0: } // namespace sandbox michael@0: michael@0: #endif // SANDBOX_WIN_SRC_TARGET_PROCESS_H_