1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef SANDBOX_SRC_HANDLE_CLOSER_H_
6#define SANDBOX_SRC_HANDLE_CLOSER_H_
7
8#include <map>
9#include <set>
10
11#include "base/basictypes.h"
12#include "base/strings/string16.h"
13#include "sandbox/win/src/interception.h"
14#include "sandbox/win/src/sandbox_types.h"
15#include "sandbox/win/src/target_process.h"
16
17namespace sandbox {
18
19// This is a map of handle-types to names that we need to close in the
20// target process. A null set means we need to close all handles of the
21// given type.
22typedef std::map<const base::string16, std::set<const base::string16> >
23    HandleMap;
24
25// Type and set of corresponding handle names to close.
26struct HandleListEntry {
27  size_t record_bytes;       // Rounded to sizeof(size_t) bytes.
28  size_t offset_to_names;    // Nul terminated strings of name_count names.
29  size_t name_count;
30  base::char16 handle_type[1];
31};
32
33// Global parameters and a pointer to the list of entries.
34struct HandleCloserInfo {
35  size_t record_bytes;       // Rounded to sizeof(size_t) bytes.
36  size_t num_handle_types;
37  struct HandleListEntry handle_entries[1];
38};
39
40SANDBOX_INTERCEPT HandleCloserInfo* g_handle_closer_info;
41
42// Adds handles to close after lockdown.
43class HandleCloser {
44 public:
45  HandleCloser();
46
47  // Adds a handle that will be closed in the target process after lockdown.
48  // A NULL value for handle_name indicates all handles of the specified type.
49  // An empty string for handle_name indicates the handle is unnamed.
50  ResultCode AddHandle(const base::char16* handle_type,
51                       const base::char16* handle_name);
52
53  // Serializes and copies the closer table into the target process.
54  bool InitializeTargetHandles(TargetProcess* target);
55
56 private:
57  // Calculates the memory needed to copy the serialized handles list (rounded
58  // to the nearest machine-word size).
59  size_t GetBufferSize();
60
61  // Serializes the handle list into the target process.
62  bool SetupHandleList(void* buffer, size_t buffer_bytes);
63
64  HandleMap handles_to_close_;
65
66  DISALLOW_COPY_AND_ASSIGN(HandleCloser);
67};
68
69// Returns the object manager's name associated with a handle
70bool GetHandleName(HANDLE handle, base::string16* handle_name);
71
72}  // namespace sandbox
73
74#endif  // SANDBOX_SRC_HANDLE_CLOSER_H_
75