OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "sandbox/tests/common/controller.h" | 5 #include "sandbox/tests/common/controller.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/sys_string_conversions.h" | 9 #include "base/sys_string_conversions.h" |
10 #include "base/win/windows_version.h" | 10 #include "base/win/windows_version.h" |
11 #include "sandbox/src/sandbox_factory.h" | 11 #include "sandbox/src/sandbox_factory.h" |
(...skipping 32 matching lines...)
44 return full_path; | 44 return full_path; |
45 | 45 |
46 if (is_obj_man_path) | 46 if (is_obj_man_path) |
47 full_path.insert(0, L"\\??\\"); | 47 full_path.insert(0, L"\\??\\"); |
48 | 48 |
49 full_path += L"\\SysWOW64\\"; | 49 full_path += L"\\SysWOW64\\"; |
50 full_path += name; | 50 full_path += name; |
51 return full_path; | 51 return full_path; |
52 } | 52 } |
53 | 53 |
54 bool IsProcessRunning(HANDLE process) { | |
55 DWORD exit_code = 0; | |
56 if (::GetExitCodeProcess(process, &exit_code)) | |
57 return exit_code == STILL_ACTIVE; | |
58 return false; | |
59 } | |
60 | |
61 } // namespace | 54 } // namespace |
62 | 55 |
63 namespace sandbox { | 56 namespace sandbox { |
64 | 57 |
65 std::wstring MakePathToSys(const wchar_t* name, bool is_obj_man_path) { | 58 std::wstring MakePathToSys(const wchar_t* name, bool is_obj_man_path) { |
66 return (base::win::OSInfo::GetInstance()->wow64_status() == | 59 return (base::win::OSInfo::GetInstance()->wow64_status() == |
67 base::win::OSInfo::WOW64_ENABLED) ? | 60 base::win::OSInfo::WOW64_ENABLED) ? |
68 MakePathToSysWow64(name, is_obj_man_path) : | 61 MakePathToSysWow64(name, is_obj_man_path) : |
69 MakePathToSys32(name, is_obj_man_path); | 62 MakePathToSys32(name, is_obj_man_path); |
70 } | 63 } |
(...skipping 10 matching lines...)
81 if (SBOX_ALL_OK != broker->Init()) | 74 if (SBOX_ALL_OK != broker->Init()) |
82 return NULL; | 75 return NULL; |
83 | 76 |
84 is_initialized = true; | 77 is_initialized = true; |
85 } | 78 } |
86 | 79 |
87 return broker; | 80 return broker; |
88 } | 81 } |
89 | 82 |
90 TestRunner::TestRunner(JobLevel job_level, TokenLevel startup_token, | 83 TestRunner::TestRunner(JobLevel job_level, TokenLevel startup_token, |
91 TokenLevel main_token) | 84 TokenLevel main_token) : is_init_(false) { |
92 : is_init_(false), is_async_(false), target_process_id_(0) { | |
93 Init(job_level, startup_token, main_token); | 85 Init(job_level, startup_token, main_token); |
94 } | 86 } |
95 | 87 |
96 TestRunner::TestRunner() | 88 TestRunner::TestRunner() : is_init_(false) { |
97 : is_init_(false), is_async_(false), target_process_id_(0) { | |
98 Init(JOB_LOCKDOWN, USER_RESTRICTED_SAME_ACCESS, USER_LOCKDOWN); | 89 Init(JOB_LOCKDOWN, USER_RESTRICTED_SAME_ACCESS, USER_LOCKDOWN); |
99 } | 90 } |
100 | 91 |
101 void TestRunner::Init(JobLevel job_level, TokenLevel startup_token, | 92 void TestRunner::Init(JobLevel job_level, TokenLevel startup_token, |
102 TokenLevel main_token) { | 93 TokenLevel main_token) { |
103 broker_ = NULL; | 94 broker_ = NULL; |
104 policy_ = NULL; | 95 policy_ = NULL; |
105 timeout_ = kDefaultTimeout; | 96 timeout_ = kDefaultTimeout; |
106 state_ = AFTER_REVERT; | 97 state_ = AFTER_REVERT; |
107 is_async_= false; | |
108 target_process_id_ = 0; | |
109 | 98 |
110 broker_ = GetBroker(); | 99 broker_ = GetBroker(); |
111 if (!broker_) | 100 if (!broker_) |
112 return; | 101 return; |
113 | 102 |
114 policy_ = broker_->CreatePolicy(); | 103 policy_ = broker_->CreatePolicy(); |
115 if (!policy_) | 104 if (!policy_) |
116 return; | 105 return; |
117 | 106 |
118 policy_->SetJobLevel(job_level, 0); | 107 policy_->SetJobLevel(job_level, 0); |
119 policy_->SetTokenLevel(startup_token, main_token); | 108 policy_->SetTokenLevel(startup_token, main_token); |
120 | 109 |
121 is_init_ = true; | 110 is_init_ = true; |
122 } | 111 } |
123 | 112 |
124 TargetPolicy* TestRunner::GetPolicy() { | 113 TargetPolicy* TestRunner::GetPolicy() { |
125 return policy_; | 114 return policy_; |
126 } | 115 } |
127 | 116 |
128 TestRunner::~TestRunner() { | 117 TestRunner::~TestRunner() { |
129 if (target_process_) | |
130 ::TerminateProcess(target_process_, 0); | |
131 | |
132 if (policy_) | 118 if (policy_) |
133 policy_->Release(); | 119 policy_->Release(); |
134 } | 120 } |
135 | 121 |
136 bool TestRunner::AddRule(TargetPolicy::SubSystem subsystem, | 122 bool TestRunner::AddRule(TargetPolicy::SubSystem subsystem, |
137 TargetPolicy::Semantics semantics, | 123 TargetPolicy::Semantics semantics, |
138 const wchar_t* pattern) { | 124 const wchar_t* pattern) { |
139 if (!is_init_) | 125 if (!is_init_) |
140 return false; | 126 return false; |
141 | 127 |
(...skipping 42 matching lines...)
184 full_command += L" "; | 170 full_command += L" "; |
185 full_command += command; | 171 full_command += command; |
186 | 172 |
187 return InternalRunTest(full_command.c_str()); | 173 return InternalRunTest(full_command.c_str()); |
188 } | 174 } |
189 | 175 |
190 int TestRunner::InternalRunTest(const wchar_t* command) { | 176 int TestRunner::InternalRunTest(const wchar_t* command) { |
191 if (!is_init_) | 177 if (!is_init_) |
192 return SBOX_TEST_FAILED_TO_RUN_TEST; | 178 return SBOX_TEST_FAILED_TO_RUN_TEST; |
193 | 179 |
194 // For simplicity TestRunner supports only one process per instance. | |
195 if (target_process_) { | |
196 if (IsProcessRunning(target_process_)) | |
197 return SBOX_TEST_FAILED_TO_RUN_TEST; | |
198 target_process_.Close(); | |
199 target_process_id_ = 0; | |
200 } | |
201 | |
202 // Get the path to the sandboxed process. | 180 // Get the path to the sandboxed process. |
203 wchar_t prog_name[MAX_PATH]; | 181 wchar_t prog_name[MAX_PATH]; |
204 GetModuleFileNameW(NULL, prog_name, MAX_PATH); | 182 GetModuleFileNameW(NULL, prog_name, MAX_PATH); |
205 | 183 |
206 // Launch the sandboxed process. | 184 // Launch the sandboxed process. |
207 ResultCode result = SBOX_ALL_OK; | 185 ResultCode result = SBOX_ALL_OK; |
208 PROCESS_INFORMATION target = {0}; | 186 PROCESS_INFORMATION target = {0}; |
209 | 187 |
210 std::wstring arguments(L"\""); | 188 std::wstring arguments(L"\""); |
211 arguments += prog_name; | 189 arguments += prog_name; |
212 arguments += L"\" -child "; | 190 arguments += L"\" -child "; |
213 arguments += command; | 191 arguments += command; |
214 | 192 |
215 result = broker_->SpawnTarget(prog_name, arguments.c_str(), policy_, | 193 result = broker_->SpawnTarget(prog_name, arguments.c_str(), policy_, |
216 &target); | 194 &target); |
217 | 195 |
218 if (SBOX_ALL_OK != result) | 196 if (SBOX_ALL_OK != result) |
219 return SBOX_TEST_FAILED_TO_RUN_TEST; | 197 return SBOX_TEST_FAILED_TO_RUN_TEST; |
220 | 198 |
221 ::ResumeThread(target.hThread); | 199 ::ResumeThread(target.hThread); |
222 | 200 |
223 // For an asynchronous run we don't bother waiting. | |
224 if (is_async_) { | |
225 target_process_.Set(target.hProcess); | |
226 target_process_id_ = target.dwProcessId; | |
227 ::CloseHandle(target.hThread); | |
228 return SBOX_TEST_SUCCEEDED; | |
229 } | |
230 | |
231 if (::IsDebuggerPresent()) { | 201 if (::IsDebuggerPresent()) { |
232 // Don't kill the target process on a time-out while we are debugging. | 202 // Don't kill the target process on a time-out while we are debugging. |
233 timeout_ = INFINITE; | 203 timeout_ = INFINITE; |
234 } | 204 } |
235 | 205 |
236 if (WAIT_TIMEOUT == ::WaitForSingleObject(target.hProcess, timeout_)) { | 206 if (WAIT_TIMEOUT == ::WaitForSingleObject(target.hProcess, timeout_)) { |
237 ::TerminateProcess(target.hProcess, SBOX_TEST_TIMED_OUT); | 207 ::TerminateProcess(target.hProcess, SBOX_TEST_TIMED_OUT); |
238 ::CloseHandle(target.hProcess); | 208 ::CloseHandle(target.hProcess); |
239 ::CloseHandle(target.hThread); | 209 ::CloseHandle(target.hThread); |
240 return SBOX_TEST_TIMED_OUT; | 210 return SBOX_TEST_TIMED_OUT; |
(...skipping 72 matching lines...)
313 if (BEFORE_REVERT == state) | 283 if (BEFORE_REVERT == state) |
314 return command(argc - 4, argv + 4); | 284 return command(argc - 4, argv + 4); |
315 else if (EVERY_STATE == state) | 285 else if (EVERY_STATE == state) |
316 command(argc - 4, argv + 4); | 286 command(argc - 4, argv + 4); |
317 | 287 |
318 target->LowerToken(); | 288 target->LowerToken(); |
319 return command(argc - 4, argv + 4); | 289 return command(argc - 4, argv + 4); |
320 } | 290 } |
321 | 291 |
322 } // namespace sandbox | 292 } // namespace sandbox |
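Review bot: In TestRunner::InternalRunTest (new lines 181-194) the result of `GetModuleFileNameW(NULL, prog_name, MAX_PATH)` is never checked, yet prog_name is then used both as the image path passed to `broker_->SpawnTarget` and inside the quoted command line. If the call fails (returns 0) or the path does not fit (returns MAX_PATH with a truncated string), the buffer is unset or cut short, so the harness could ask the broker to launch something other than the intended test binary. I would guard it with `DWORD len = ::GetModuleFileNameW(NULL, prog_name, MAX_PATH);` followed by `if (len == 0 || len >= MAX_PATH) return SBOX_TEST_FAILED_TO_RUN_TEST;`. The rest of the function lies in the skipped lines after new line 210, so the non-timeout exit path and its handle cleanup are not visible here.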
OLD | NEW |