Pass the client end handle of the network-to-daemon IPC channel via handle inheritance.

remoting/host/win/wts_session_process_delegate.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // This file implements the Windows service controlling Me2Me host processes
 // running within user sessions.
 
 #include "remoting/host/win/wts_session_process_delegate.h"
 
-#include <sddl.h>
-#include <limits>
-
 #include "base/base_switches.h"
 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/command_line.h"
 #include "base/file_path.h"
 #include "base/file_util.h"
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/message_loop.h"
-#include "base/path_service.h"
 #include "base/single_thread_task_runner.h"
-#include "base/time.h"
-#include "base/timer.h"
 #include "base/utf_string_conversions.h"
 #include "base/win/scoped_handle.h"
 #include "base/win/windows_version.h"
 #include "ipc/ipc_channel.h"
 #include "ipc/ipc_channel_proxy.h"
 #include "ipc/ipc_message.h"
 #include "remoting/host/host_exit_codes.h"
+#include "remoting/host/ipc_consts.h"
 #include "remoting/host/win/launch_process_with_token.h"
 #include "remoting/host/win/worker_process_launcher.h"
 #include "remoting/host/win/wts_console_monitor.h"
 #include "remoting/host/worker_process_ipc_delegate.h"
 
-using base::TimeDelta;
 using base::win::ScopedHandle;
 
-const FilePath::CharType kDaemonBinaryName[] =
-    FILE_PATH_LITERAL("remoting_daemon.exe");
-
-// The command line switch specifying the name of the daemon IPC endpoint.
-const char kDaemonIpcSwitchName[] = "daemon-pipe";
-
 const char kElevateSwitchName[] = "elevate";
 
 // The command line parameters that should be copied from the service's command
 // line to the host process.
 const char* kCopiedSwitchNames[] = {
     "host-config", switches::kV, switches::kVModule };
 
 namespace remoting {
 
 // A private class actually implementing the functionality provided by
 // |WtsSessionProcessDelegate|. This class is ref-counted and implements
 // asynchronous fire-and-forget shutdown.
 class WtsSessionProcessDelegate::Core
     : public base::RefCountedThreadSafe<WtsSessionProcessDelegate::Core>,
       public base::MessagePumpForIO::IOHandler,
       public WorkerProcessLauncher::Delegate {
  public:
   // The caller must ensure that |delegate| remains valid at least until
   // Stop() method has been called.
   Core(scoped_refptr<base::SingleThreadTaskRunner> main_task_runner,
        scoped_refptr<base::SingleThreadTaskRunner> io_task_runner,
        const FilePath& binary_path,
-       bool launch_elevated);
+       bool launch_elevated,
+       const std::string& channel_security);
 
   // base::MessagePumpForIO::IOHandler implementation.
   virtual void OnIOCompleted(base::MessagePumpForIO::IOContext* context,
                              DWORD bytes_transferred,
                              DWORD error) OVERRIDE;
 
+  // IPC::Sender implementation.
+  virtual bool Send(IPC::Message* message) OVERRIDE;
+
   // WorkerProcessLauncher::Delegate implementation.
   virtual DWORD GetExitCode() OVERRIDE;
   virtual void KillProcess(DWORD exit_code) OVERRIDE;
   virtual bool LaunchProcess(
-      const std::string& channel_name,
+      IPC::Listener* delegate,
       base::win::ScopedHandle* process_exit_event_out) OVERRIDE;
 
   // Initializes the object returning true on success.
   bool Initialize(uint32 session_id);
 
   // Stops the object asynchronously.
   void Stop();
 
  private:
   friend class base::RefCountedThreadSafe<Core>;
@@ skipping 18 matching lines @@
 
   // The task runner all public methods of this class should be called on.
   scoped_refptr<base::SingleThreadTaskRunner> main_task_runner_;
 
   // The task runner serving job object notifications.
   scoped_refptr<base::SingleThreadTaskRunner> io_task_runner_;
 
   // Path to the worker process binary.
   FilePath binary_path_;
 
+  // The server end of the IPC channel used to communicate to the worker
+  // process.
+  scoped_ptr<IPC::ChannelProxy> channel_;
+
+  // Security descriptor (as SDDL) to be applied to |channel_|.
+  std::string channel_security_;
+
   // The job object used to control the lifetime of child processes.
   base::win::ScopedHandle job_;
 
   // True if the worker process should be launched elevated.
   bool launch_elevated_;
 
   // A handle that becomes signalled once all processes associated with the job
   // have been terminated.
   base::win::ScopedHandle process_exit_event_;
 
   // The token to be used to launch a process in a different session.
   base::win::ScopedHandle session_token_;
 
   // True if Stop() has been called.
   bool stopping_;
 
   // The handle of the worker process, if launched.
   base::win::ScopedHandle worker_process_;
 
   DISALLOW_COPY_AND_ASSIGN(Core);
 };
 
 WtsSessionProcessDelegate::Core::Core(
     scoped_refptr<base::SingleThreadTaskRunner> main_task_runner,
     scoped_refptr<base::SingleThreadTaskRunner> io_task_runner,
     const FilePath& binary_path,
-    bool launch_elevated)
+    bool launch_elevated,
+    const std::string& channel_security)
     : main_task_runner_(main_task_runner),
       io_task_runner_(io_task_runner),
       binary_path_(binary_path),
+      channel_security_(channel_security),
       launch_elevated_(launch_elevated),
       stopping_(false) {
   DCHECK(main_task_runner_->BelongsToCurrentThread());
 }
 
 void WtsSessionProcessDelegate::Core::OnIOCompleted(
     base::MessagePumpForIO::IOContext* context,
     DWORD bytes_transferred,
     DWORD error) {
   DCHECK(io_task_runner_->BelongsToCurrentThread());
 
   // |bytes_transferred| is used in job object notifications to supply
   // the message ID; |context| carries process ID.
   main_task_runner_->PostTask(FROM_HERE, base::Bind(
       &Core::OnJobNotification, this, bytes_transferred,
       reinterpret_cast<DWORD>(context)));
 }
 
+bool WtsSessionProcessDelegate::Core::Send(IPC::Message* message) {
+  DCHECK(main_task_runner_->BelongsToCurrentThread());
+
+  if (channel_.get()) {
+    return channel_->Send(message);
+  } else {
+    delete message;
+    return false;
+  }
+}
+
 DWORD WtsSessionProcessDelegate::Core::GetExitCode() {
   DCHECK(main_task_runner_->BelongsToCurrentThread());
 
   DWORD exit_code = CONTROL_C_EXIT;
   if (worker_process_.IsValid()) {
     if (!::GetExitCodeProcess(worker_process_, &exit_code)) {
       LOG_GETLASTERROR(INFO)
           << "Failed to query the exit code of the worker process";
       exit_code = CONTROL_C_EXIT;
     }
   }
 
   return exit_code;
 }
 
 void WtsSessionProcessDelegate::Core::KillProcess(DWORD exit_code) {
   DCHECK(main_task_runner_->BelongsToCurrentThread());
 
+  channel_.reset();
+
   if (launch_elevated_) {
     if (job_.IsValid()) {
       TerminateJobObject(job_, exit_code);
     }
   } else {
     if (worker_process_.IsValid()) {
       TerminateProcess(worker_process_, exit_code);
     }
   }
 }
 
 bool WtsSessionProcessDelegate::Core::LaunchProcess(
-    const std::string& channel_name,
+    IPC::Listener* delegate,
     ScopedHandle* process_exit_event_out) {
   DCHECK(main_task_runner_->BelongsToCurrentThread());
 
   CommandLine command_line(CommandLine::NO_PROGRAM);
   if (launch_elevated_) {
     // The job object is not ready. Retry starting the host process later.
     if (!job_.IsValid()) {
       return false;
     }
 
     // Construct the helper binary name.
-    FilePath dir_path;
-    if (!PathService::Get(base::DIR_EXE, &dir_path)) {
-      LOG(ERROR) << "Failed to get the executable file name.";
+    FilePath daemon_binary;
+    if (!GetInstalledBinaryPath(kDaemonBinaryName, &daemon_binary))
       return false;
-    }
-    FilePath daemon_binary = dir_path.Append(kDaemonBinaryName);
 
     // Create the command line passing the name of the IPC channel to use and
     // copying known switches from the caller's command line.
     command_line.SetProgram(daemon_binary);
     command_line.AppendSwitchPath(kElevateSwitchName, binary_path_);
 
     CHECK(ResetEvent(process_exit_event_));
   } else {
     command_line.SetProgram(binary_path_);
   }
 
+  // Create the server end of the IPC channel.
+  scoped_ptr<IPC::ChannelProxy> channel;
+  std::string channel_name = GenerateIpcChannelName(this);
+  if (!CreateIpcChannel(channel_name, channel_security_, io_task_runner_,
+                        delegate, &channel))
+    return false;
+
   // Create the command line passing the name of the IPC channel to use and
   // copying known switches from the caller's command line.
-  command_line.AppendSwitchNative(kDaemonIpcSwitchName,
+  command_line.AppendSwitchNative(kDaemonPipeSwitchName,
                                   UTF8ToWide(channel_name));
   command_line.CopySwitchesFrom(*CommandLine::ForCurrentProcess(),
                                 kCopiedSwitchNames,
                                 arraysize(kCopiedSwitchNames));
 
   // Try to launch the process.
   ScopedHandle worker_process;
   ScopedHandle worker_thread;
   if (!LaunchProcessWithToken(command_line.GetProgram(),
                               command_line.GetCommandLineString(),
                               session_token_,
+                              false,
                               CREATE_SUSPENDED | CREATE_BREAKAWAY_FROM_JOB,
                               &worker_process,
                               &worker_thread)) {
     return false;
   }
 
   HANDLE local_process_exit_event;
   if (launch_elevated_) {
     if (!AssignProcessToJobObject(job_, worker_process)) {
       LOG_GETLASTERROR(ERROR)
@@ skipping 22 matching lines @@
                        GetCurrentProcess(),
                        process_exit_event.Receive(),
                        SYNCHRONIZE,
                        FALSE,
                        0)) {
     LOG_GETLASTERROR(ERROR) << "Failed to duplicate a handle";
     KillProcess(CONTROL_C_EXIT);
     return false;
   }
 
+  channel_ = channel.Pass();
   *process_exit_event_out = process_exit_event.Pass();
   return true;
 }
 
 bool WtsSessionProcessDelegate::Core::Initialize(uint32 session_id) {
   if (base::win::GetVersion() == base::win::VERSION_XP)
     launch_elevated_ = false;
 
   if (launch_elevated_) {
     process_exit_event_.Set(CreateEvent(NULL, TRUE, FALSE, NULL));
@@ skipping 120 matching lines @@
       worker_process_.Set(OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, pid));
       break;
   }
 }
 
 WtsSessionProcessDelegate::WtsSessionProcessDelegate(
     scoped_refptr<base::SingleThreadTaskRunner> main_task_runner,
     scoped_refptr<base::SingleThreadTaskRunner> io_task_runner,
     const FilePath& binary_path,
     uint32 session_id,
-    bool launch_elevated) {
+    bool launch_elevated,
+    const std::string& channel_security) {
   core_ = new Core(main_task_runner, io_task_runner, binary_path,
-                   launch_elevated);
+                   launch_elevated, channel_security);
   if (!core_->Initialize(session_id)) {
     core_->Stop();
     core_ = NULL;
   }
 }
 
 WtsSessionProcessDelegate::~WtsSessionProcessDelegate() {
   core_->Stop();
 }
 
+bool WtsSessionProcessDelegate::Send(IPC::Message* message) {
+  return core_->Send(message);
+}
+
 DWORD WtsSessionProcessDelegate::GetExitCode() {
   if (!core_)
     return CONTROL_C_EXIT;
 
   return core_->GetExitCode();
 }
 
 void WtsSessionProcessDelegate::KillProcess(DWORD exit_code) {
   if (core_) {
     core_->KillProcess(exit_code);
   }
 }
 
 bool WtsSessionProcessDelegate::LaunchProcess(
-    const std::string& channel_name,
+    IPC::Listener* delegate,
     base::win::ScopedHandle* process_exit_event_out) {
   if (!core_)
     return false;
 
-  return core_->LaunchProcess(channel_name, process_exit_event_out);
+  return core_->LaunchProcess(delegate, process_exit_event_out);
 }
 
 } // namespace remoting