OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "sandbox/tests/common/controller.h" | 5 #include "sandbox/tests/common/controller.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/sys_string_conversions.h" | 9 #include "base/sys_string_conversions.h" |
10 #include "base/win/windows_version.h" | 10 #include "base/win/windows_version.h" |
11 #include "sandbox/src/sandbox_factory.h" | 11 #include "sandbox/src/sandbox_factory.h" |
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
44 return full_path; | 44 return full_path; |
45 | 45 |
46 if (is_obj_man_path) | 46 if (is_obj_man_path) |
47 full_path.insert(0, L"\\??\\"); | 47 full_path.insert(0, L"\\??\\"); |
48 | 48 |
49 full_path += L"\\SysWOW64\\"; | 49 full_path += L"\\SysWOW64\\"; |
50 full_path += name; | 50 full_path += name; |
51 return full_path; | 51 return full_path; |
52 } | 52 } |
53 | 53 |
| 54 bool IsProcessRunning(HANDLE process) { |
| 55 DWORD exit_code = 0; |
| 56 if (::GetExitCodeProcess(process, &exit_code)) |
| 57 return exit_code == STILL_ACTIVE; |
| 58 return false; |
| 59 } |
| 60 |
54 } // namespace | 61 } // namespace |
55 | 62 |
56 namespace sandbox { | 63 namespace sandbox { |
57 | 64 |
58 std::wstring MakePathToSys(const wchar_t* name, bool is_obj_man_path) { | 65 std::wstring MakePathToSys(const wchar_t* name, bool is_obj_man_path) { |
59 return (base::win::OSInfo::GetInstance()->wow64_status() == | 66 return (base::win::OSInfo::GetInstance()->wow64_status() == |
60 base::win::OSInfo::WOW64_ENABLED) ? | 67 base::win::OSInfo::WOW64_ENABLED) ? |
61 MakePathToSysWow64(name, is_obj_man_path) : | 68 MakePathToSysWow64(name, is_obj_man_path) : |
62 MakePathToSys32(name, is_obj_man_path); | 69 MakePathToSys32(name, is_obj_man_path); |
63 } | 70 } |
(...skipping 10 matching lines...) Expand all Loading... |
74 if (SBOX_ALL_OK != broker->Init()) | 81 if (SBOX_ALL_OK != broker->Init()) |
75 return NULL; | 82 return NULL; |
76 | 83 |
77 is_initialized = true; | 84 is_initialized = true; |
78 } | 85 } |
79 | 86 |
80 return broker; | 87 return broker; |
81 } | 88 } |
82 | 89 |
83 TestRunner::TestRunner(JobLevel job_level, TokenLevel startup_token, | 90 TestRunner::TestRunner(JobLevel job_level, TokenLevel startup_token, |
84 TokenLevel main_token) : is_init_(false) { | 91 TokenLevel main_token) |
| 92 : is_init_(false), is_async_(false), target_process_id_(0) { |
85 Init(job_level, startup_token, main_token); | 93 Init(job_level, startup_token, main_token); |
86 } | 94 } |
87 | 95 |
88 TestRunner::TestRunner() : is_init_(false) { | 96 TestRunner::TestRunner() |
| 97 : is_init_(false), is_async_(false), target_process_id_(0) { |
89 Init(JOB_LOCKDOWN, USER_RESTRICTED_SAME_ACCESS, USER_LOCKDOWN); | 98 Init(JOB_LOCKDOWN, USER_RESTRICTED_SAME_ACCESS, USER_LOCKDOWN); |
90 } | 99 } |
91 | 100 |
92 void TestRunner::Init(JobLevel job_level, TokenLevel startup_token, | 101 void TestRunner::Init(JobLevel job_level, TokenLevel startup_token, |
93 TokenLevel main_token) { | 102 TokenLevel main_token) { |
94 broker_ = NULL; | 103 broker_ = NULL; |
95 policy_ = NULL; | 104 policy_ = NULL; |
96 timeout_ = kDefaultTimeout; | 105 timeout_ = kDefaultTimeout; |
97 state_ = AFTER_REVERT; | 106 state_ = AFTER_REVERT; |
| 107 is_async_= false; |
| 108 target_process_id_ = 0; |
98 | 109 |
99 broker_ = GetBroker(); | 110 broker_ = GetBroker(); |
100 if (!broker_) | 111 if (!broker_) |
101 return; | 112 return; |
102 | 113 |
103 policy_ = broker_->CreatePolicy(); | 114 policy_ = broker_->CreatePolicy(); |
104 if (!policy_) | 115 if (!policy_) |
105 return; | 116 return; |
106 | 117 |
107 policy_->SetJobLevel(job_level, 0); | 118 policy_->SetJobLevel(job_level, 0); |
108 policy_->SetTokenLevel(startup_token, main_token); | 119 policy_->SetTokenLevel(startup_token, main_token); |
109 | 120 |
110 is_init_ = true; | 121 is_init_ = true; |
111 } | 122 } |
112 | 123 |
113 TargetPolicy* TestRunner::GetPolicy() { | 124 TargetPolicy* TestRunner::GetPolicy() { |
114 return policy_; | 125 return policy_; |
115 } | 126 } |
116 | 127 |
117 TestRunner::~TestRunner() { | 128 TestRunner::~TestRunner() { |
| 129 if (target_process_) |
| 130 ::TerminateProcess(target_process_, 0); |
| 131 |
118 if (policy_) | 132 if (policy_) |
119 policy_->Release(); | 133 policy_->Release(); |
120 } | 134 } |
121 | 135 |
122 bool TestRunner::AddRule(TargetPolicy::SubSystem subsystem, | 136 bool TestRunner::AddRule(TargetPolicy::SubSystem subsystem, |
123 TargetPolicy::Semantics semantics, | 137 TargetPolicy::Semantics semantics, |
124 const wchar_t* pattern) { | 138 const wchar_t* pattern) { |
125 if (!is_init_) | 139 if (!is_init_) |
126 return false; | 140 return false; |
127 | 141 |
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
170 full_command += L" "; | 184 full_command += L" "; |
171 full_command += command; | 185 full_command += command; |
172 | 186 |
173 return InternalRunTest(full_command.c_str()); | 187 return InternalRunTest(full_command.c_str()); |
174 } | 188 } |
175 | 189 |
176 int TestRunner::InternalRunTest(const wchar_t* command) { | 190 int TestRunner::InternalRunTest(const wchar_t* command) { |
177 if (!is_init_) | 191 if (!is_init_) |
178 return SBOX_TEST_FAILED_TO_RUN_TEST; | 192 return SBOX_TEST_FAILED_TO_RUN_TEST; |
179 | 193 |
| 194 // For simplicity TestRunner supports only one process per instance. |
| 195 if (target_process_) { |
| 196 if (IsProcessRunning(target_process_)) |
| 197 return SBOX_TEST_FAILED_TO_RUN_TEST; |
| 198 target_process_.Close(); |
| 199 target_process_id_ = 0; |
| 200 } |
| 201 |
180 // Get the path to the sandboxed process. | 202 // Get the path to the sandboxed process. |
181 wchar_t prog_name[MAX_PATH]; | 203 wchar_t prog_name[MAX_PATH]; |
182 GetModuleFileNameW(NULL, prog_name, MAX_PATH); | 204 GetModuleFileNameW(NULL, prog_name, MAX_PATH); |
183 | 205 |
184 // Launch the sandboxed process. | 206 // Launch the sandboxed process. |
185 ResultCode result = SBOX_ALL_OK; | 207 ResultCode result = SBOX_ALL_OK; |
186 PROCESS_INFORMATION target = {0}; | 208 PROCESS_INFORMATION target = {0}; |
187 | 209 |
188 std::wstring arguments(L"\""); | 210 std::wstring arguments(L"\""); |
189 arguments += prog_name; | 211 arguments += prog_name; |
190 arguments += L"\" -child "; | 212 arguments += L"\" -child "; |
191 arguments += command; | 213 arguments += command; |
192 | 214 |
193 result = broker_->SpawnTarget(prog_name, arguments.c_str(), policy_, | 215 result = broker_->SpawnTarget(prog_name, arguments.c_str(), policy_, |
194 &target); | 216 &target); |
195 | 217 |
196 if (SBOX_ALL_OK != result) | 218 if (SBOX_ALL_OK != result) |
197 return SBOX_TEST_FAILED_TO_RUN_TEST; | 219 return SBOX_TEST_FAILED_TO_RUN_TEST; |
198 | 220 |
199 ::ResumeThread(target.hThread); | 221 ::ResumeThread(target.hThread); |
200 | 222 |
| 223 // For an asynchronous run we don't bother waiting. |
| 224 if (is_async_) { |
| 225 target_process_.Set(target.hProcess); |
| 226 target_process_id_ = target.dwProcessId; |
| 227 ::CloseHandle(target.hThread); |
| 228 return SBOX_TEST_SUCCEEDED; |
| 229 } |
| 230 |
201 if (::IsDebuggerPresent()) { | 231 if (::IsDebuggerPresent()) { |
202 // Don't kill the target process on a time-out while we are debugging. | 232 // Don't kill the target process on a time-out while we are debugging. |
203 timeout_ = INFINITE; | 233 timeout_ = INFINITE; |
204 } | 234 } |
205 | 235 |
206 if (WAIT_TIMEOUT == ::WaitForSingleObject(target.hProcess, timeout_)) { | 236 if (WAIT_TIMEOUT == ::WaitForSingleObject(target.hProcess, timeout_)) { |
207 ::TerminateProcess(target.hProcess, SBOX_TEST_TIMED_OUT); | 237 ::TerminateProcess(target.hProcess, SBOX_TEST_TIMED_OUT); |
208 ::CloseHandle(target.hProcess); | 238 ::CloseHandle(target.hProcess); |
209 ::CloseHandle(target.hThread); | 239 ::CloseHandle(target.hThread); |
210 return SBOX_TEST_TIMED_OUT; | 240 return SBOX_TEST_TIMED_OUT; |
(...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
283 if (BEFORE_REVERT == state) | 313 if (BEFORE_REVERT == state) |
284 return command(argc - 4, argv + 4); | 314 return command(argc - 4, argv + 4); |
285 else if (EVERY_STATE == state) | 315 else if (EVERY_STATE == state) |
286 command(argc - 4, argv + 4); | 316 command(argc - 4, argv + 4); |
287 | 317 |
288 target->LowerToken(); | 318 target->LowerToken(); |
289 return command(argc - 4, argv + 4); | 319 return command(argc - 4, argv + 4); |
290 } | 320 } |
291 | 321 |
292 } // namespace sandbox | 322 } // namespace sandbox |
OLD | NEW |