sandbox/win/src/target_process.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef SANDBOX_WIN_SRC_TARGET_PROCESS_H_
   6 #define SANDBOX_WIN_SRC_TARGET_PROCESS_H_
   7
   8 #include <windows.h>
   9
  10 #include "base/basictypes.h"
  11 #include "base/memory/scoped_ptr.h"
  12 #include "base/win/scoped_handle.h"
  13 #include "base/win/scoped_process_information.h"
  14 #include "sandbox/win/src/crosscall_server.h"
  15 #include "sandbox/win/src/sandbox_types.h"
  16
  17 namespace base {
  18 namespace win {
  19
  20 class StartupInformation;
  21
  22 };  // namespace win
  23 };  // namespace base
  24
  25 namespace sandbox {
  26
  27 class AttributeList;
  28 class SharedMemIPCServer;
  29 class ThreadProvider;
  30
  31 // TargetProcess models a target instance (child process). Objects of this
  32 // class are owned by the Policy used to create them.
  33 class TargetProcess {
  34  public:
  35   // The constructor takes ownership of |initial_token| and |lockdown_token|.
  36   TargetProcess(HANDLE initial_token, HANDLE lockdown_token, HANDLE job,
  37                 ThreadProvider* thread_pool);
  38   ~TargetProcess();
  39
  40   // TODO(cpu): Currently there does not seem to be a reason to implement
  41   // reference counting for this class since is internal, but kept the
  42   // the same interface so the interception framework does not need to be
  43   // touched at this point.
  44   void AddRef() {}
  45   void Release() {}
  46
  47   // Creates the new target process. The process is created suspended.
  48   // When |set_lockdown_token_after_create| is set, the lockdown token
  49   // is replaced after the process is created
  50   DWORD Create(const wchar_t* exe_path,
  51                const wchar_t* command_line,
  52                bool inherit_handles,
  53                bool set_lockdown_token_after_create,
  54                const base::win::StartupInformation& startup_info,
  55                base::win::ScopedProcessInformation* target_info);
  56
  57   // Destroys the target process.
  58   void Terminate();
  59
  60   // Creates the IPC objects such as the BrokerDispatcher and the
  61   // IPC server. The IPC server uses the services of the thread_pool.
  62   DWORD Init(Dispatcher* ipc_dispatcher, void* policy,
  63              uint32 shared_IPC_size, uint32 shared_policy_size);
  64
  65   // Returns the handle to the target process.
  66   HANDLE Process() const {
  67     return sandbox_process_info_.process_handle();
  68   }
  69
  70   // Returns the handle to the job object that the target process belongs to.
  71   HANDLE Job() const {
  72     return job_;
  73   }
  74
  75   // Returns the address of the target main exe. This is used by the
  76   // interceptions framework.
  77   HMODULE MainModule() const {
  78     return reinterpret_cast<HMODULE>(base_address_);
  79   }
  80
  81   // Returns the name of the executable.
  82   const wchar_t* Name() const {
  83     return exe_name_.get();
  84   }
  85
  86   // Returns the process id.
  87   DWORD ProcessId() const {
  88     return sandbox_process_info_.process_id();
  89   }
  90
  91   // Returns the handle to the main thread.
  92   HANDLE MainThread() const {
  93     return sandbox_process_info_.thread_handle();
  94   }
  95
  96   // Transfers a 32-bit variable between the broker and the target.
  97   ResultCode TransferVariable(const char* name, void* address, size_t size);
  98
  99  private:
 100   // Details of the target process.
 101   base::win::ScopedProcessInformation sandbox_process_info_;
 102   // The token associated with the process. It provides the core of the
 103   // sbox security.
 104   base::win::ScopedHandle lockdown_token_;
 105   // The token given to the initial thread so that the target process can
 106   // start. It has more powers than the lockdown_token.
 107   base::win::ScopedHandle initial_token_;
 108   // Kernel handle to the shared memory used by the IPC server.
 109   base::win::ScopedHandle shared_section_;
 110   // Job object containing the target process.
 111   HANDLE job_;
 112   // Reference to the IPC subsystem.
 113   scoped_ptr<SharedMemIPCServer> ipc_server_;
 114   // Provides the threads used by the IPC. This class does not own this pointer.
 115   ThreadProvider* thread_pool_;
 116   // Base address of the main executable
 117   void* base_address_;
 118   // Full name of the target executable.
 119   scoped_ptr<wchar_t, base::FreeDeleter> exe_name_;
 120
 121   // Function used for testing.
 122   friend TargetProcess* MakeTestTargetProcess(HANDLE process,
 123                                               HMODULE base_address);
 124
 125   DISALLOW_IMPLICIT_CONSTRUCTORS(TargetProcess);
 126 };
 127
 128 // Creates a mock TargetProcess used for testing interceptions.
 129 // TODO(cpu): It seems that this method is not going to be used anymore.
 130 TargetProcess* MakeTestTargetProcess(HANDLE process, HMODULE base_address);
 131
 132
 133 }  // namespace sandbox
 134
 135 #endif  // SANDBOX_WIN_SRC_TARGET_PROCESS_H_