1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef SANDBOX_WIN_SRC_TARGET_PROCESS_H_ 6 #define SANDBOX_WIN_SRC_TARGET_PROCESS_H_ 7 8 #include <windows.h> 9 10 #include "base/basictypes.h" 11 #include "base/memory/scoped_ptr.h" 12 #include "base/win/scoped_handle.h" 13 #include "base/win/scoped_process_information.h" 14 #include "sandbox/win/src/crosscall_server.h" 15 #include "sandbox/win/src/sandbox_types.h" 16 17 namespace base { 18 namespace win { 19 20 class StartupInformation; 21 22 }; // namespace win 23 }; // namespace base 24 25 namespace sandbox { 26 27 class AttributeList; 28 class SharedMemIPCServer; 29 class ThreadProvider; 30 31 // TargetProcess models a target instance (child process). Objects of this 32 // class are owned by the Policy used to create them. 33 class TargetProcess { 34 public: 35 // The constructor takes ownership of |initial_token| and |lockdown_token|. 36 TargetProcess(HANDLE initial_token, HANDLE lockdown_token, HANDLE job, 37 ThreadProvider* thread_pool); 38 ~TargetProcess(); 39 40 // TODO(cpu): Currently there does not seem to be a reason to implement 41 // reference counting for this class since is internal, but kept the 42 // the same interface so the interception framework does not need to be 43 // touched at this point. AddRef()44 void AddRef() {} Release()45 void Release() {} 46 47 // Creates the new target process. The process is created suspended. 48 DWORD Create(const wchar_t* exe_path, 49 const wchar_t* command_line, 50 bool inherit_handles, 51 const base::win::StartupInformation& startup_info, 52 base::win::ScopedProcessInformation* target_info); 53 54 // Destroys the target process. 55 void Terminate(); 56 57 // Creates the IPC objects such as the BrokerDispatcher and the 58 // IPC server. The IPC server uses the services of the thread_pool. 59 DWORD Init(Dispatcher* ipc_dispatcher, void* policy, 60 uint32 shared_IPC_size, uint32 shared_policy_size); 61 62 // Returns the handle to the target process. Process()63 HANDLE Process() const { 64 return sandbox_process_info_.process_handle(); 65 } 66 67 // Returns the handle to the job object that the target process belongs to. Job()68 HANDLE Job() const { 69 return job_; 70 } 71 72 // Returns the address of the target main exe. This is used by the 73 // interceptions framework. MainModule()74 HMODULE MainModule() const { 75 return reinterpret_cast<HMODULE>(base_address_); 76 } 77 78 // Returns the name of the executable. Name()79 const wchar_t* Name() const { 80 return exe_name_.get(); 81 } 82 83 // Returns the process id. ProcessId()84 DWORD ProcessId() const { 85 return sandbox_process_info_.process_id(); 86 } 87 88 // Returns the handle to the main thread. MainThread()89 HANDLE MainThread() const { 90 return sandbox_process_info_.thread_handle(); 91 } 92 93 // Transfers a 32-bit variable between the broker and the target. 94 ResultCode TransferVariable(const char* name, void* address, size_t size); 95 96 private: 97 // Details of the target process. 98 base::win::ScopedProcessInformation sandbox_process_info_; 99 // The token associated with the process. It provides the core of the 100 // sbox security. 101 base::win::ScopedHandle lockdown_token_; 102 // The token given to the initial thread so that the target process can 103 // start. It has more powers than the lockdown_token. 104 base::win::ScopedHandle initial_token_; 105 // Kernel handle to the shared memory used by the IPC server. 106 base::win::ScopedHandle shared_section_; 107 // Job object containing the target process. 108 HANDLE job_; 109 // Reference to the IPC subsystem. 110 scoped_ptr<SharedMemIPCServer> ipc_server_; 111 // Provides the threads used by the IPC. This class does not own this pointer. 112 ThreadProvider* thread_pool_; 113 // Base address of the main executable 114 void* base_address_; 115 // Full name of the target executable. 116 scoped_ptr_malloc<wchar_t> exe_name_; 117 118 // Function used for testing. 119 friend TargetProcess* MakeTestTargetProcess(HANDLE process, 120 HMODULE base_address); 121 122 DISALLOW_IMPLICIT_CONSTRUCTORS(TargetProcess); 123 }; 124 125 // Creates a mock TargetProcess used for testing interceptions. 126 // TODO(cpu): It seems that this method is not going to be used anymore. 127 TargetProcess* MakeTestTargetProcess(HANDLE process, HMODULE base_address); 128 129 130 } // namespace sandbox 131 132 #endif // SANDBOX_WIN_SRC_TARGET_PROCESS_H_ 133