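// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef SANDBOX_SRC_WOW64_H__
#define SANDBOX_SRC_WOW64_H__

#include <windows.h>

#include "base/basictypes.h"
#include "sandbox/win/src/sandbox_types.h"

namespace sandbox {

class TargetProcess;

// This class wraps the code needed to interact with the Windows On Windows
// subsystem on 64 bit OSes, from the point of view of interceptions.
//
// The object keeps a raw TargetProcess pointer and two raw event HANDLEs.
// NOTE(review): nothing in this header shows who owns |child_| or who closes
// the events; presumably |child_| is borrowed and must outlive this object,
// and ~Wow64() releases the events -- confirm against the implementation.
class Wow64 {
 public:
  // Records the child process and the parent's ntdll module. Both event
  // handles start out as NULL; no OS resource is acquired here.
  Wow64(TargetProcess* child, HMODULE ntdll)
      : child_(child), ntdll_(ntdll), dll_load_(NULL), continue_load_(NULL) {}

  // Defined out of line.
  // NOTE(review): expected to close |dll_load_| and |continue_load_| when
  // they are non-NULL -- confirm in the .cc file.
  ~Wow64();

  // Waits for the 32 bit DLL to get loaded on the child process. This function
  // will return immediately if not running under WOW, or launch the helper
  // process and wait until ntdll is ready.
  //
  // Returns a bool that callers should check.
  // NOTE(review): presumably false means the helper could not be started or
  // the wait failed, in which case the child's ntdll cannot be assumed ready
  // for interceptions -- confirm the failure semantics in the .cc file.
  bool WaitForNtdll();

 private:
  // Runs the WOW helper process, passing the address of a buffer allocated on
  // the child (one page).
  //
  // |buffer| is an address in the child, not in this (parent) process, so it
  // is presumably only meaningful as a value to hand to the helper -- verify
  // that the implementation never dereferences it locally.
  bool RunWowHelper(void* buffer);

  // This method receives "notifications" whenever a DLL is mapped on the child.
  bool DllMapped();

  // Returns true if ntdll.dll is mapped on the child.
  bool NtdllPresent();

  // Declaration order below is also the initialization order used by the
  // constructor's initializer list; keep the two in sync.
  TargetProcess* child_;  // Child process.
  HMODULE ntdll_;         // ntdll on the parent.
  HANDLE dll_load_;       // Event that is signaled on dll load.
  HANDLE continue_load_;  // Event to signal to continue execution on the child.

  // No default construction, copy or assignment: a copy would alias the two
  // raw event HANDLEs and the raw |child_| pointer.
  DISALLOW_IMPLICIT_CONSTRUCTORS(Wow64);
};

}  // namespace sandbox

#endif  // SANDBOX_SRC_WOW64_H__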