Add a sandbox API for broker handle duplication

sandbox/tests/common/controller.cc

-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sandbox/tests/common/controller.h"
 
 #include <string>
 
 #include "base/sys_string_conversions.h"
 #include "base/win/windows_version.h"
 #include "sandbox/src/sandbox_factory.h"
@@ skipping 62 matching lines @@
     if (SBOX_ALL_OK != broker->Init())
       return NULL;
 
     is_initialized = true;
   }
 
   return broker;
 }
 
 TestRunner::TestRunner(JobLevel job_level, TokenLevel startup_token,
-                       TokenLevel main_token) : is_init_(false) {
+                       TokenLevel main_token)
+    : is_init_(false), is_async_(false), target_process_id_(0) {
   Init(job_level, startup_token, main_token);
 }
 
-TestRunner::TestRunner() : is_init_(false) {
+TestRunner::TestRunner()
+    : is_init_(false), is_async_(false), target_process_id_(0) {
   Init(JOB_LOCKDOWN, USER_RESTRICTED_SAME_ACCESS, USER_LOCKDOWN);
 }
 
 void TestRunner::Init(JobLevel job_level, TokenLevel startup_token,
                       TokenLevel main_token) {
   broker_ = NULL;
   policy_ = NULL;
   timeout_ = kDefaultTimeout;
   state_ = AFTER_REVERT;
+  is_async_= false;
+  target_process_.Close();

[rvargas (doing something else), 2012/03/27 00:35:33]

?

[jschuh, 2012/03/27 01:36:19]

Done.

+  target_process_id_ = 0;
 
   broker_ = GetBroker();
   if (!broker_)
     return;
 
   policy_ = broker_->CreatePolicy();
   if (!policy_)
     return;
 
   policy_->SetJobLevel(job_level, 0);
   policy_->SetTokenLevel(startup_token, main_token);
 
   is_init_ = true;
 }
 
 TargetPolicy* TestRunner::GetPolicy() {
   return policy_;
 }
 
 TestRunner::~TestRunner() {
+  if (broker_ && broker_->IsActiveTarget(target_process_id_))

[rvargas (doing something else), 2012/03/27 00:35:33]

why not always?

[jschuh, 2012/03/27 01:36:19]

The process ID could get reused. Probably just paranoia, but doesn't seem to
hurt anything.

[rvargas (doing something else), 2012/03/27 02:30:59]

But we have a handle, there's no need to worry about the PID

+    ::TerminateProcess(target_process_, 0);
+
   if (policy_)
     policy_->Release();
 }
 
 bool TestRunner::AddRule(TargetPolicy::SubSystem subsystem,
                          TargetPolicy::Semantics semantics,
                          const wchar_t* pattern) {
   if (!is_init_)
     return false;
 
@@ skipping 42 matching lines @@
   full_command += L" ";
   full_command += command;
 
   return InternalRunTest(full_command.c_str());
 }
 
 int TestRunner::InternalRunTest(const wchar_t* command) {
   if (!is_init_)
     return SBOX_TEST_FAILED_TO_RUN_TEST;
 
+  // For simplicity TestRunner supports only one process per instance.
+  if (target_process_) {
+    if (broker_ && broker_->IsActiveTarget(target_process_id_))

[rvargas (doing something else), 2012/03/27 00:35:33]

We should be able to do this within this class (without asking the broker).

[jschuh, 2012/03/27 01:36:19]

I originally had it with GetExitCodeProcess, but this seemed cleaner to me.

[rvargas (doing something else), 2012/03/27 02:30:59]

But this only cares about creating two targets, that can be controlled directly
by the test (if needed, note that we don't).

+      return SBOX_TEST_FAILED_TO_RUN_TEST;
+    target_process_.Close();
+    target_process_id_ = 0;
+  }
+
   // Get the path to the sandboxed process.
   wchar_t prog_name[MAX_PATH];
   GetModuleFileNameW(NULL, prog_name, MAX_PATH);
 
   // Launch the sandboxed process.
   ResultCode result = SBOX_ALL_OK;
   PROCESS_INFORMATION target = {0};
 
   std::wstring arguments(L"\"");
   arguments += prog_name;
   arguments += L"\" -child ";
   arguments += command;
 
   result = broker_->SpawnTarget(prog_name, arguments.c_str(), policy_,
                                 &target);
 
   if (SBOX_ALL_OK != result)
     return SBOX_TEST_FAILED_TO_RUN_TEST;
 
   ::ResumeThread(target.hThread);
 
+  // For an asynchronous run we don't bother waiting.
+  if (is_async_) {
+    target_process_.Set(target.hProcess);
+    target_process_id_ = target.dwProcessId;
+    ::CloseHandle(target.hThread);
+    return SBOX_TEST_SUCCEEDED;
+  }
+
   if (::IsDebuggerPresent()) {
     // Don't kill the target process on a time-out while we are debugging.
     timeout_ = INFINITE;
   }
 
   if (WAIT_TIMEOUT == ::WaitForSingleObject(target.hProcess, timeout_)) {
     ::TerminateProcess(target.hProcess, SBOX_TEST_TIMED_OUT);
     ::CloseHandle(target.hProcess);
     ::CloseHandle(target.hThread);
     return SBOX_TEST_TIMED_OUT;
@@ skipping 72 matching lines @@
   if (BEFORE_REVERT == state)
     return command(argc - 4, argv + 4);
   else if (EVERY_STATE == state)
     command(argc - 4, argv + 4);
 
   target->LowerToken();
   return command(argc - 4, argv + 4);
 }
 
 }  // namespace sandbox