sandbox/win/src/target_process.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef SANDBOX_WIN_SRC_TARGET_PROCESS_H_
   6 #define SANDBOX_WIN_SRC_TARGET_PROCESS_H_
   7
   8 #include <windows.h>
   9
  10 #include "base/basictypes.h"
  11 #include "base/memory/scoped_ptr.h"
  12 #include "base/win/scoped_handle.h"
  13 #include "base/win/scoped_process_information.h"
  14 #include "sandbox/win/src/crosscall_server.h"
  15 #include "sandbox/win/src/sandbox_types.h"
  16
  17 namespace base {
  18 namespace win {
  19
  20 class StartupInformation;
  21
  22 };  // namespace win
  23 };  // namespace base
  24
  25 namespace sandbox {
  26
  27 class AttributeList;
  28 class SharedMemIPCServer;
  29 class ThreadProvider;
  30
  31 // TargetProcess models a target instance (child process). Objects of this
  32 // class are owned by the Policy used to create them.
  33 class TargetProcess {
  34  public:
  35   // The constructor takes ownership of |initial_token| and |lockdown_token|.
  36   TargetProcess(base::win::ScopedHandle initial_token,
  37                 base::win::ScopedHandle lockdown_token,
  38                 HANDLE job, ThreadProvider* thread_pool);
  39   ~TargetProcess();
  40
  41   // TODO(cpu): Currently there does not seem to be a reason to implement
  42   // reference counting for this class since is internal, but kept the
  43   // the same interface so the interception framework does not need to be
  44   // touched at this point.
  45   void AddRef() {}
  46   void Release() {}
  47
  48   // Creates the new target process. The process is created suspended.
  49   // When |set_lockdown_token_after_create| is set, the lockdown token
  50   // is replaced after the process is created
  51   DWORD Create(const wchar_t* exe_path,
  52                const wchar_t* command_line,
  53                bool inherit_handles,
  54                bool set_lockdown_token_after_create,
  55                const base::win::StartupInformation& startup_info,
  56                base::win::ScopedProcessInformation* target_info);
  57
  58   // Destroys the target process.
  59   void Terminate();
  60
  61   // Creates the IPC objects such as the BrokerDispatcher and the
  62   // IPC server. The IPC server uses the services of the thread_pool.
  63   DWORD Init(Dispatcher* ipc_dispatcher, void* policy,
  64              uint32 shared_IPC_size, uint32 shared_policy_size);
  65
  66   // Returns the handle to the target process.
  67   HANDLE Process() const {
  68     return sandbox_process_info_.process_handle();
  69   }
  70
  71   // Returns the handle to the job object that the target process belongs to.
  72   HANDLE Job() const {
  73     return job_;
  74   }
  75
  76   // Returns the address of the target main exe. This is used by the
  77   // interceptions framework.
  78   HMODULE MainModule() const {
  79     return reinterpret_cast<HMODULE>(base_address_);
  80   }
  81
  82   // Returns the name of the executable.
  83   const wchar_t* Name() const {
  84     return exe_name_.get();
  85   }
  86
  87   // Returns the process id.
  88   DWORD ProcessId() const {
  89     return sandbox_process_info_.process_id();
  90   }
  91
  92   // Returns the handle to the main thread.
  93   HANDLE MainThread() const {
  94     return sandbox_process_info_.thread_handle();
  95   }
  96
  97   // Transfers a 32-bit variable between the broker and the target.
  98   ResultCode TransferVariable(const char* name, void* address, size_t size);
  99
 100  private:
 101   // Details of the target process.
 102   base::win::ScopedProcessInformation sandbox_process_info_;
 103   // The token associated with the process. It provides the core of the
 104   // sbox security.
 105   base::win::ScopedHandle lockdown_token_;
 106   // The token given to the initial thread so that the target process can
 107   // start. It has more powers than the lockdown_token.
 108   base::win::ScopedHandle initial_token_;
 109   // Kernel handle to the shared memory used by the IPC server.
 110   base::win::ScopedHandle shared_section_;
 111   // Job object containing the target process.
 112   HANDLE job_;
 113   // Reference to the IPC subsystem.
 114   scoped_ptr<SharedMemIPCServer> ipc_server_;
 115   // Provides the threads used by the IPC. This class does not own this pointer.
 116   ThreadProvider* thread_pool_;
 117   // Base address of the main executable
 118   void* base_address_;
 119   // Full name of the target executable.
 120   scoped_ptr<wchar_t, base::FreeDeleter> exe_name_;
 121
 122   // Function used for testing.
 123   friend TargetProcess* MakeTestTargetProcess(HANDLE process,
 124                                               HMODULE base_address);
 125
 126   DISALLOW_IMPLICIT_CONSTRUCTORS(TargetProcess);
 127 };
 128
 129 // Creates a mock TargetProcess used for testing interceptions.
 130 // TODO(cpu): It seems that this method is not going to be used anymore.
 131 TargetProcess* MakeTestTargetProcess(HANDLE process, HMODULE base_address);
 132
 133
 134 }  // namespace sandbox
 135
 136 #endif  // SANDBOX_WIN_SRC_TARGET_PROCESS_H_