summaryrefslogtreecommitdiffstats
path: root/security/sandbox/chromium/sandbox/win/src/broker_services.cc
diff options
context:
space:
mode:
Diffstat (limited to 'security/sandbox/chromium/sandbox/win/src/broker_services.cc')
-rw-r--r--security/sandbox/chromium/sandbox/win/src/broker_services.cc75
1 files changed, 15 insertions, 60 deletions
diff --git a/security/sandbox/chromium/sandbox/win/src/broker_services.cc b/security/sandbox/chromium/sandbox/win/src/broker_services.cc
index 0ba71bbd5d..613becf37b 100644
--- a/security/sandbox/chromium/sandbox/win/src/broker_services.cc
+++ b/security/sandbox/chromium/sandbox/win/src/broker_services.cc
@@ -159,8 +159,6 @@ ResultCode BrokerServicesBase::Init() {
if (job_port_.IsValid() || thread_pool_)
return SBOX_ERROR_UNEXPECTED_CALL;
- ::InitializeCriticalSection(&lock_);
-
job_port_.Set(::CreateIoCompletionPort(INVALID_HANDLE_VALUE, nullptr, 0, 0));
if (!job_port_.IsValid())
return SBOX_ERROR_CANNOT_INIT_BROKERSERVICES;
@@ -201,7 +199,6 @@ BrokerServicesBase::~BrokerServicesBase() {
return;
}
thread_pool_.reset();
- ::DeleteCriticalSection(&lock_);
}
scoped_refptr<TargetPolicy> BrokerServicesBase::CreatePolicy() {
@@ -294,11 +291,6 @@ DWORD WINAPI BrokerServicesBase::TargetEventsThread(PVOID param) {
case JOB_OBJECT_MSG_EXIT_PROCESS:
case JOB_OBJECT_MSG_ABNORMAL_EXIT_PROCESS: {
- {
- AutoLock lock(&broker->lock_);
- broker->active_targets_.erase(
- static_cast<DWORD>(reinterpret_cast<uintptr_t>(ovl)));
- }
size_t erase_result = child_process_ids.erase(
static_cast<DWORD>(reinterpret_cast<uintptr_t>(ovl)));
if (erase_result != 1U) {
@@ -364,11 +356,6 @@ DWORD WINAPI BrokerServicesBase::TargetEventsThread(PVOID param) {
ProcessTracker* tracker =
static_cast<ProcessTracker*>(reinterpret_cast<void*>(ovl));
- {
- AutoLock lock(&broker->lock_);
- broker->active_targets_.erase(tracker->process_id);
- }
-
::UnregisterWait(tracker->wait_handle);
tracker->wait_handle = INVALID_HANDLE_VALUE;
// Copy process_id so that we can legally reference it even after we have
@@ -659,19 +646,26 @@ ResultCode BrokerServicesBase::SpawnTarget(const wchar_t* exe_path,
// SpawnCleanup() caused deletion of TargetProcess twice. crbug.com/480639
CHECK(
AssociateCompletionPort(tracker->job.Get(), job_port_.Get(), tracker));
-
- AutoLock lock(&lock_);
- active_targets_.insert(process_info.process_id());
} else {
- result = AddTargetPeerInternal(process_info.process_handle(),
- process_info.process_id(),
- policy_base, last_error);
- if (result != SBOX_ALL_OK) {
+ // Duplicate the process handle to give the tracking machinery
+ // something valid to wait on in the tracking thread.
+ HANDLE tmp_process_handle = INVALID_HANDLE_VALUE;
+ if (!::DuplicateHandle(::GetCurrentProcess(), process_info.process_handle(),
+ ::GetCurrentProcess(), &tmp_process_handle,
+ SYNCHRONIZE, false, 0 /*no options*/)) {
+ *last_error = ::GetLastError();
// This may fail in the same way as Job associated processes.
// crbug.com/480639.
target->Terminate();
- return result;
+ return SBOX_ERROR_CANNOT_DUPLICATE_PROCESS_HANDLE;
}
+ base::win::ScopedHandle dup_process_handle(tmp_process_handle);
+ ProcessTracker* tracker = new ProcessTracker(
+ policy_base, process_info.process_id(), std::move(dup_process_handle));
+ // The tracker and policy will leak if this call fails.
+ ::PostQueuedCompletionStatus(job_port_.Get(), 0,
+ THREAD_CTRL_NEW_PROCESS_TRACKER,
+ reinterpret_cast<LPOVERLAPPED>(tracker));
}
*target_info = process_info.Take();
@@ -683,45 +677,6 @@ ResultCode BrokerServicesBase::WaitForAllTargets() {
return SBOX_ALL_OK;
}
-bool BrokerServicesBase::IsSafeDuplicationTarget(DWORD process_id) {
- AutoLock lock(&lock_);
- return active_targets_.find(process_id) != active_targets_.end();
-}
-
-ResultCode BrokerServicesBase::AddTargetPeerInternal(
- HANDLE peer_process_handle,
- DWORD peer_process_id,
- scoped_refptr<PolicyBase> policy_base,
- DWORD* last_error) {
- // Duplicate the process handle to give the tracking machinery
- // something valid to wait on in the tracking thread.
- HANDLE tmp_process_handle = INVALID_HANDLE_VALUE;
- if (!::DuplicateHandle(::GetCurrentProcess(), peer_process_handle,
- ::GetCurrentProcess(), &tmp_process_handle,
- SYNCHRONIZE, false, 0 /*no options*/)) {
- *last_error = ::GetLastError();
- return SBOX_ERROR_CANNOT_DUPLICATE_PROCESS_HANDLE;
- }
- base::win::ScopedHandle dup_process_handle(tmp_process_handle);
- ProcessTracker* tracker = new ProcessTracker(
- policy_base, peer_process_id, std::move(dup_process_handle));
- // The tracker and policy will leak if this call fails.
- ::PostQueuedCompletionStatus(job_port_.Get(), 0,
- THREAD_CTRL_NEW_PROCESS_TRACKER,
- reinterpret_cast<LPOVERLAPPED>(tracker));
-
- AutoLock lock(&lock_);
- active_targets_.insert(peer_process_id);
-
- return SBOX_ALL_OK;
-}
-
-ResultCode BrokerServicesBase::AddTargetPeer(HANDLE peer_process) {
- DWORD last_error;
- return AddTargetPeerInternal(peer_process, ::GetProcessId(peer_process),
- nullptr, &last_error);
-}
-
ResultCode BrokerServicesBase::GetPolicyDiagnostics(
std::unique_ptr<PolicyDiagnosticsReceiver> receiver) {
CHECK(job_thread_.IsValid());
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-19 17:36:04 +0000