1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef SANDBOX_WIN_SRC_TARGET_PROCESS_H_ 6#define SANDBOX_WIN_SRC_TARGET_PROCESS_H_ 7 8#include <windows.h> 9 10#include "base/basictypes.h" 11#include "base/memory/scoped_ptr.h" 12#include "base/win/scoped_handle.h" 13#include "base/win/scoped_process_information.h" 14#include "sandbox/win/src/crosscall_server.h" 15#include "sandbox/win/src/sandbox_types.h" 16 17namespace base { 18namespace win { 19 20class StartupInformation; 21 22}; // namespace win 23}; // namespace base 24 25namespace sandbox { 26 27class AttributeList; 28class SharedMemIPCServer; 29class ThreadProvider; 30 31// TargetProcess models a target instance (child process). Objects of this 32// class are owned by the Policy used to create them. 33class TargetProcess { 34 public: 35 // The constructor takes ownership of |initial_token| and |lockdown_token|. 36 TargetProcess(HANDLE initial_token, HANDLE lockdown_token, HANDLE job, 37 ThreadProvider* thread_pool); 38 ~TargetProcess(); 39 40 // TODO(cpu): Currently there does not seem to be a reason to implement 41 // reference counting for this class since is internal, but kept the 42 // the same interface so the interception framework does not need to be 43 // touched at this point. 44 void AddRef() {} 45 void Release() {} 46 47 // Creates the new target process. The process is created suspended. 48 DWORD Create(const wchar_t* exe_path, 49 const wchar_t* command_line, 50 bool inherit_handles, 51 const base::win::StartupInformation& startup_info, 52 base::win::ScopedProcessInformation* target_info); 53 54 // Destroys the target process. 55 void Terminate(); 56 57 // Creates the IPC objects such as the BrokerDispatcher and the 58 // IPC server. The IPC server uses the services of the thread_pool. 59 DWORD Init(Dispatcher* ipc_dispatcher, void* policy, 60 uint32 shared_IPC_size, uint32 shared_policy_size); 61 62 // Returns the handle to the target process. 63 HANDLE Process() const { 64 return sandbox_process_info_.process_handle(); 65 } 66 67 // Returns the handle to the job object that the target process belongs to. 68 HANDLE Job() const { 69 return job_; 70 } 71 72 // Returns the address of the target main exe. This is used by the 73 // interceptions framework. 74 HMODULE MainModule() const { 75 return reinterpret_cast<HMODULE>(base_address_); 76 } 77 78 // Returns the name of the executable. 79 const wchar_t* Name() const { 80 return exe_name_.get(); 81 } 82 83 // Returns the process id. 84 DWORD ProcessId() const { 85 return sandbox_process_info_.process_id(); 86 } 87 88 // Returns the handle to the main thread. 89 HANDLE MainThread() const { 90 return sandbox_process_info_.thread_handle(); 91 } 92 93 // Transfers a 32-bit variable between the broker and the target. 94 ResultCode TransferVariable(const char* name, void* address, size_t size); 95 96 private: 97 // Details of the target process. 98 base::win::ScopedProcessInformation sandbox_process_info_; 99 // The token associated with the process. It provides the core of the 100 // sbox security. 101 base::win::ScopedHandle lockdown_token_; 102 // The token given to the initial thread so that the target process can 103 // start. It has more powers than the lockdown_token. 104 base::win::ScopedHandle initial_token_; 105 // Kernel handle to the shared memory used by the IPC server. 106 base::win::ScopedHandle shared_section_; 107 // Job object containing the target process. 108 HANDLE job_; 109 // Reference to the IPC subsystem. 110 scoped_ptr<SharedMemIPCServer> ipc_server_; 111 // Provides the threads used by the IPC. This class does not own this pointer. 112 ThreadProvider* thread_pool_; 113 // Base address of the main executable 114 void* base_address_; 115 // Full name of the target executable. 116 scoped_ptr<wchar_t, base::FreeDeleter> exe_name_; 117 118 // Function used for testing. 119 friend TargetProcess* MakeTestTargetProcess(HANDLE process, 120 HMODULE base_address); 121 122 DISALLOW_IMPLICIT_CONSTRUCTORS(TargetProcess); 123}; 124 125// Creates a mock TargetProcess used for testing interceptions. 126// TODO(cpu): It seems that this method is not going to be used anymore. 127TargetProcess* MakeTestTargetProcess(HANDLE process, HMODULE base_address); 128 129 130} // namespace sandbox 131 132#endif // SANDBOX_WIN_SRC_TARGET_PROCESS_H_ 133