Move BrokerDuplicateHandle() to be declared in content/public

content/common/sandbox_policy.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/common/sandbox_policy.h"
 
 #include <string>
 
 #include "base/command_line.h"
 #include "base/debug/debugger.h"
 #include "base/debug/trace_event.h"
 #include "base/file_util.h"
 #include "base/logging.h"
 #include "base/path_service.h"
 #include "base/process_util.h"
 #include "base/stringprintf.h"
 #include "base/string_util.h"
 #include "base/win/scoped_handle.h"
 #include "base/win/scoped_process_information.h"
 #include "base/win/windows_version.h"
 #include "content/common/debug_flags.h"
 #include "content/public/common/content_client.h"
 #include "content/public/common/content_switches.h"
 #include "content/public/common/process_type.h"
+#include "content/public/common/sandbox_init.h"
 #include "sandbox/src/sandbox.h"
 #include "ui/gfx/gl/gl_switches.h"
 
 static sandbox::BrokerServices* g_broker_services = NULL;
 static sandbox::TargetServices* g_target_services = NULL;
 
 namespace {
 
 // The DLLs listed here are known (or under strong suspicion) of causing crashes
 // when they are loaded in the renderer. Note: at runtime we generate short
@@ skipping 416 matching lines @@
 }
 
 bool InitTargetServices(sandbox::TargetServices* target_services) {
   DCHECK(target_services);
   DCHECK(!g_target_services);
   sandbox::ResultCode result = target_services->Init();
   g_target_services = target_services;
   return SBOX_ALL_OK == result;
 }
 
-bool BrokerDuplicateHandle(HANDLE source_handle,
-                           DWORD target_process_id,
-                           HANDLE* target_handle,
-                           DWORD desired_access,
-                           DWORD options) {
-  // If our process is the target just duplicate the handle.
-  if (::GetCurrentProcessId() == target_process_id) {
-    return !!::DuplicateHandle(::GetCurrentProcess(), source_handle,
-                               ::GetCurrentProcess(), target_handle,
-                               desired_access, FALSE, options);
-
-  }
-
-  // Try the broker next
-  if (g_target_services &&
-      g_target_services->DuplicateHandle(source_handle, target_process_id,
-                                         target_handle, desired_access,
-                                         options) == SBOX_ALL_OK) {
-    return true;
-  }
-
-  // Finally, see if we already have access to the process.
-  base::win::ScopedHandle target_process;
-  target_process.Set(::OpenProcess(PROCESS_DUP_HANDLE, FALSE,
-                                    target_process_id));
-  if (target_process.IsValid()) {
-    return !!::DuplicateHandle(::GetCurrentProcess(), source_handle,
-                                target_process, target_handle,
-                                desired_access, FALSE, options);
-  }
-
-  return false;
-}
-
-
 base::ProcessHandle StartProcessWithAccess(CommandLine* cmd_line,
                                            const FilePath& exposed_dir) {
   const CommandLine& browser_command_line = *CommandLine::ForCurrentProcess();
   content::ProcessType type;
   std::string type_str = cmd_line->GetSwitchValueASCII(switches::kProcessType);
   if (type_str == switches::kRendererProcess) {
     type = content::PROCESS_TYPE_RENDERER;
   } else if (type_str == switches::kPluginProcess) {
     type = content::PROCESS_TYPE_PLUGIN;
   } else if (type_str == switches::kWorkerProcess) {
@@ skipping 175 matching lines @@
 
   // Help the process a little. It can't start the debugger by itself if
   // the process is in a sandbox.
   if (child_needs_help)
     base::debug::SpawnDebuggerOnProcess(target.process_id());
 
   return target.TakeProcessHandle();
 }
 
 }  // namespace sandbox
+
+namespace content {

[jschuh, 2012/04/14 19:59:53]

You're going to have to fix this up manually now that I've landed r132303
(sorry).

+
+bool BrokerDuplicateHandle(HANDLE source_handle,
+                           DWORD target_process_id,
+                           HANDLE* target_handle,
+                           DWORD desired_access,
+                           DWORD options) {
+  // If our process is the target just duplicate the handle.
+  if (::GetCurrentProcessId() == target_process_id) {
+    return !!::DuplicateHandle(::GetCurrentProcess(), source_handle,
+                               ::GetCurrentProcess(), target_handle,
+                               desired_access, FALSE, options);
+
+  }
+
+  // Try the broker next
+  if (g_target_services &&
+      g_target_services->DuplicateHandle(source_handle, target_process_id,
+                                         target_handle, desired_access,
+                                         options) == sandbox::SBOX_ALL_OK) {
+    return true;
+  }
+
+  // Finally, see if we already have access to the process.
+  base::win::ScopedHandle target_process;
+  target_process.Set(::OpenProcess(PROCESS_DUP_HANDLE, FALSE,
+                                    target_process_id));
+  if (target_process.IsValid()) {
+    return !!::DuplicateHandle(::GetCurrentProcess(), source_handle,
+                                target_process, target_handle,
+                                desired_access, FALSE, options);
+  }
+
+  return false;
+}
+
+}  // namespace content