Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(258)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/src/broker_services.cc

Issue 9838083: Add a sandbox API for broker handle duplication (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: Created 8 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « sandbox/src/broker_services.h ('k') | sandbox/src/handle_dispatcher.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sandbox/src/broker_services.h" 5 #include "sandbox/src/broker_services.h"
6 6
7 #include "base/logging.h" 7 #include "base/logging.h"
8 #include "base/threading/platform_thread.h" 8 #include "base/threading/platform_thread.h"
9 #include "sandbox/src/sandbox_policy_base.h" 9 #include "sandbox/src/sandbox_policy_base.h"
10 #include "sandbox/src/sandbox.h" 10 #include "sandbox/src/sandbox.h"
11 #include "sandbox/src/target_process.h" 11 #include "sandbox/src/target_process.h"
(...skipping 165 matching lines...) Expand 10 before | Expand all | Expand 10 after
177 case JOB_OBJECT_MSG_NEW_PROCESS: { 177 case JOB_OBJECT_MSG_NEW_PROCESS: {
178 ++target_counter; 178 ++target_counter;
179 if (1 == target_counter) { 179 if (1 == target_counter) {
180 ::ResetEvent(no_targets); 180 ::ResetEvent(no_targets);
181 } 181 }
182 break; 182 break;
183 } 183 }
184 184
185 case JOB_OBJECT_MSG_EXIT_PROCESS: 185 case JOB_OBJECT_MSG_EXIT_PROCESS:
186 case JOB_OBJECT_MSG_ABNORMAL_EXIT_PROCESS: { 186 case JOB_OBJECT_MSG_ABNORMAL_EXIT_PROCESS: {
187 {
188 AutoLock lock(&broker->lock_);
189 broker->child_process_ids_.erase(reinterpret_cast<DWORD>(ovl));
190 }
187 --target_counter; 191 --target_counter;
188 if (0 == target_counter) 192 if (0 == target_counter)
189 ::SetEvent(no_targets); 193 ::SetEvent(no_targets);
190 194
191 DCHECK(target_counter >= 0); 195 DCHECK(target_counter >= 0);
192 break; 196 break;
193 } 197 }
194 198
195 case JOB_OBJECT_MSG_ACTIVE_PROCESS_LIMIT: { 199 case JOB_OBJECT_MSG_ACTIVE_PROCESS_LIMIT: {
196 break; 200 break;
(...skipping 88 matching lines...) Expand 10 before | Expand all | Expand 10 after
285 289
286 // We are going to keep a pointer to the policy because we'll call it when 290 // We are going to keep a pointer to the policy because we'll call it when
287 // the job object generates notifications using the completion port. 291 // the job object generates notifications using the completion port.
288 policy_base->AddRef(); 292 policy_base->AddRef();
289 JobTracker* tracker = new JobTracker(job, policy_base); 293 JobTracker* tracker = new JobTracker(job, policy_base);
290 if (!AssociateCompletionPort(job, job_port_, tracker)) 294 if (!AssociateCompletionPort(job, job_port_, tracker))
291 return SpawnCleanup(target, 0); 295 return SpawnCleanup(target, 0);
292 // Save the tracker because in cleanup we might need to force closing 296 // Save the tracker because in cleanup we might need to force closing
293 // the Jobs. 297 // the Jobs.
294 tracker_list_.push_back(tracker); 298 tracker_list_.push_back(tracker);
299 child_process_ids_.insert(process_info.dwProcessId);
295 300
296 // We return the caller a duplicate of the process handle so they 301 // We return the caller a duplicate of the process handle so they
297 // can close it at will. 302 // can close it at will.
298 HANDLE dup_process_handle = NULL; 303 HANDLE dup_process_handle = NULL;
299 if (!::DuplicateHandle(::GetCurrentProcess(), process_info.hProcess, 304 if (!::DuplicateHandle(::GetCurrentProcess(), process_info.hProcess,
300 ::GetCurrentProcess(), &dup_process_handle, 305 ::GetCurrentProcess(), &dup_process_handle,
301 0, FALSE, DUPLICATE_SAME_ACCESS)) 306 0, FALSE, DUPLICATE_SAME_ACCESS))
302 return SpawnCleanup(target, 0); 307 return SpawnCleanup(target, 0);
303 308
304 *target_info = process_info; 309 *target_info = process_info;
305 target_info->hProcess = dup_process_handle; 310 target_info->hProcess = dup_process_handle;
306 return SBOX_ALL_OK; 311 return SBOX_ALL_OK;
307 } 312 }
308 313
309 314
310 ResultCode BrokerServicesBase::WaitForAllTargets() { 315 ResultCode BrokerServicesBase::WaitForAllTargets() {
311 ::WaitForSingleObject(no_targets_, INFINITE); 316 ::WaitForSingleObject(no_targets_, INFINITE);
312 return SBOX_ALL_OK; 317 return SBOX_ALL_OK;
313 } 318 }
314 319
320 bool BrokerServicesBase::IsActiveTarget(DWORD process_id) {
321 AutoLock lock(&lock_);
322 return child_process_ids_.find(process_id) != child_process_ids_.end();
323 }
324
315 } // namespace sandbox 325 } // namespace sandbox
OLDNEW
« no previous file with comments | « sandbox/src/broker_services.h ('k') | sandbox/src/handle_dispatcher.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698