Home | History | Annotate | Download | only in src
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef SANDBOX_WIN_SRC_TARGET_PROCESS_H_
      6 #define SANDBOX_WIN_SRC_TARGET_PROCESS_H_
      7 
      8 #include <windows.h>
      9 
     10 #include "base/basictypes.h"
     11 #include "base/memory/scoped_ptr.h"
     12 #include "base/win/scoped_handle.h"
     13 #include "base/win/scoped_process_information.h"
     14 #include "sandbox/win/src/crosscall_server.h"
     15 #include "sandbox/win/src/sandbox_types.h"
     16 
     17 namespace base {
     18 namespace win {
     19 
     20 class StartupInformation;
     21 
     22 };  // namespace win
     23 };  // namespace base
     24 
     25 namespace sandbox {
     26 
     27 class AttributeList;
     28 class SharedMemIPCServer;
     29 class ThreadProvider;
     30 
     31 // TargetProcess models a target instance (child process). Objects of this
     32 // class are owned by the Policy used to create them.
     33 class TargetProcess {
     34  public:
     35   // The constructor takes ownership of |initial_token| and |lockdown_token|.
     36   TargetProcess(HANDLE initial_token, HANDLE lockdown_token, HANDLE job,
     37                 ThreadProvider* thread_pool);
     38   ~TargetProcess();
     39 
     40   // TODO(cpu): Currently there does not seem to be a reason to implement
     41   // reference counting for this class since is internal, but kept the
     42   // the same interface so the interception framework does not need to be
     43   // touched at this point.
     44   void AddRef() {}
     45   void Release() {}
     46 
     47   // Creates the new target process. The process is created suspended.
     48   DWORD Create(const wchar_t* exe_path,
     49                const wchar_t* command_line,
     50                bool inherit_handles,
     51                const base::win::StartupInformation& startup_info,
     52                base::win::ScopedProcessInformation* target_info);
     53 
     54   // Destroys the target process.
     55   void Terminate();
     56 
     57   // Creates the IPC objects such as the BrokerDispatcher and the
     58   // IPC server. The IPC server uses the services of the thread_pool.
     59   DWORD Init(Dispatcher* ipc_dispatcher, void* policy,
     60              uint32 shared_IPC_size, uint32 shared_policy_size);
     61 
     62   // Returns the handle to the target process.
     63   HANDLE Process() const {
     64     return sandbox_process_info_.process_handle();
     65   }
     66 
     67   // Returns the handle to the job object that the target process belongs to.
     68   HANDLE Job() const {
     69     return job_;
     70   }
     71 
     72   // Returns the address of the target main exe. This is used by the
     73   // interceptions framework.
     74   HMODULE MainModule() const {
     75     return reinterpret_cast<HMODULE>(base_address_);
     76   }
     77 
     78   // Returns the name of the executable.
     79   const wchar_t* Name() const {
     80     return exe_name_.get();
     81   }
     82 
     83   // Returns the process id.
     84   DWORD ProcessId() const {
     85     return sandbox_process_info_.process_id();
     86   }
     87 
     88   // Returns the handle to the main thread.
     89   HANDLE MainThread() const {
     90     return sandbox_process_info_.thread_handle();
     91   }
     92 
     93   // Transfers a 32-bit variable between the broker and the target.
     94   ResultCode TransferVariable(const char* name, void* address, size_t size);
     95 
     96  private:
     97   // Details of the target process.
     98   base::win::ScopedProcessInformation sandbox_process_info_;
     99   // The token associated with the process. It provides the core of the
    100   // sbox security.
    101   base::win::ScopedHandle lockdown_token_;
    102   // The token given to the initial thread so that the target process can
    103   // start. It has more powers than the lockdown_token.
    104   base::win::ScopedHandle initial_token_;
    105   // Kernel handle to the shared memory used by the IPC server.
    106   base::win::ScopedHandle shared_section_;
    107   // Job object containing the target process.
    108   HANDLE job_;
    109   // Reference to the IPC subsystem.
    110   scoped_ptr<SharedMemIPCServer> ipc_server_;
    111   // Provides the threads used by the IPC. This class does not own this pointer.
    112   ThreadProvider* thread_pool_;
    113   // Base address of the main executable
    114   void* base_address_;
    115   // Full name of the target executable.
    116   scoped_ptr_malloc<wchar_t> exe_name_;
    117 
    118   // Function used for testing.
    119   friend TargetProcess* MakeTestTargetProcess(HANDLE process,
    120                                               HMODULE base_address);
    121 
    122   DISALLOW_IMPLICIT_CONSTRUCTORS(TargetProcess);
    123 };
    124 
    125 // Creates a mock TargetProcess used for testing interceptions.
    126 // TODO(cpu): It seems that this method is not going to be used anymore.
    127 TargetProcess* MakeTestTargetProcess(HANDLE process, HMODULE base_address);
    128 
    129 
    130 }  // namespace sandbox
    131 
    132 #endif  // SANDBOX_WIN_SRC_TARGET_PROCESS_H_
    133