diff options
Diffstat (limited to 'chromium/content/browser/utility_process_host_impl.cc')
-rw-r--r-- | chromium/content/browser/utility_process_host_impl.cc | 92 |
1 files changed, 67 insertions, 25 deletions
diff --git a/chromium/content/browser/utility_process_host_impl.cc b/chromium/content/browser/utility_process_host_impl.cc index ed53fe82c61..ddc41a74131 100644 --- a/chromium/content/browser/utility_process_host_impl.cc +++ b/chromium/content/browser/utility_process_host_impl.cc @@ -23,34 +23,65 @@ #include "content/public/browser/utility_process_host_client.h" #include "content/public/common/content_switches.h" #include "content/public/common/process_type.h" +#include "content/public/common/sandboxed_process_launcher_delegate.h" #include "ipc/ipc_switches.h" #include "ui/base/ui_base_switches.h" -#if defined(OS_WIN) -#include "content/public/common/sandboxed_process_launcher_delegate.h" -#endif - namespace content { -#if defined(OS_WIN) // NOTE: changes to this class need to be reviewed by the security team. class UtilitySandboxedProcessLauncherDelegate : public SandboxedProcessLauncherDelegate { public: - explicit UtilitySandboxedProcessLauncherDelegate( - const base::FilePath& exposed_dir) : exposed_dir_(exposed_dir) {} + UtilitySandboxedProcessLauncherDelegate(const base::FilePath& exposed_dir, + bool launch_elevated, bool no_sandbox, + base::EnvironmentMap& env, + ChildProcessHost* host) + : exposed_dir_(exposed_dir), +#if defined(OS_WIN) + launch_elevated_(launch_elevated) +#elif defined(OS_POSIX) + env_(env), + no_sandbox_(no_sandbox), + ipc_fd_(host->TakeClientFileDescriptor()) +#endif // OS_WIN + {} + virtual ~UtilitySandboxedProcessLauncherDelegate() {} +#if defined(OS_WIN) + virtual bool ShouldLaunchElevated() OVERRIDE { + return launch_elevated_; + } virtual void PreSandbox(bool* disable_default_policy, base::FilePath* exposed_dir) OVERRIDE { *exposed_dir = exposed_dir_; } +#elif defined(OS_POSIX) -private: - base::FilePath exposed_dir_; -}; -#endif + virtual bool ShouldUseZygote() OVERRIDE { + return !no_sandbox_ && exposed_dir_.empty(); + } + virtual base::EnvironmentMap GetEnvironment() OVERRIDE { + return env_; + } + virtual int GetIpcFd() OVERRIDE { + return ipc_fd_; + } +#endif // OS_WIN + private: + + base::FilePath exposed_dir_; + +#if defined(OS_WIN) + bool launch_elevated_; +#elif defined(OS_POSIX) + base::EnvironmentMap env_; + bool no_sandbox_; + int ipc_fd_; +#endif // OS_WIN +}; UtilityMainThreadFactoryFunction g_utility_main_thread_factory = NULL; @@ -60,7 +91,7 @@ UtilityProcessHost* UtilityProcessHost::Create( return new UtilityProcessHostImpl(client, client_task_runner); } -void UtilityProcessHost::RegisterUtilityMainThreadFactory( +void UtilityProcessHostImpl::RegisterUtilityMainThreadFactory( UtilityMainThreadFactoryFunction create) { g_utility_main_thread_factory = create; } @@ -73,6 +104,7 @@ UtilityProcessHostImpl::UtilityProcessHostImpl( is_batch_mode_(false), is_mdns_enabled_(false), no_sandbox_(false), + run_elevated_(false), #if defined(OS_LINUX) child_flags_(ChildProcessHost::CHILD_ALLOW_SELF), #else @@ -119,6 +151,13 @@ void UtilityProcessHostImpl::DisableSandbox() { no_sandbox_ = true; } +#if defined(OS_WIN) +void UtilityProcessHostImpl::ElevatePrivileges() { + no_sandbox_ = true; + run_elevated_ = true; +} +#endif + const ChildProcessData& UtilityProcessHostImpl::GetData() { return process_->GetData(); } @@ -142,7 +181,7 @@ bool UtilityProcessHostImpl::StartProcess() { // Name must be set or metrics_service will crash in any test which // launches a UtilityProcessHost. process_.reset(new BrowserChildProcessHostImpl(PROCESS_TYPE_UTILITY, this)); - process_->SetName(ASCIIToUTF16("utility process")); + process_->SetName(base::ASCIIToUTF16("utility process")); std::string channel_id = process_->GetHost()->CreateChannel(); if (channel_id.empty()) @@ -210,21 +249,17 @@ bool UtilityProcessHostImpl::StartProcess() { if (is_mdns_enabled_) cmd_line->AppendSwitch(switches::kUtilityProcessEnableMDns); - bool use_zygote = false; - -#if defined(OS_LINUX) - // The Linux sandbox does not support granting access to a single directory, - // so we need to bypass the zygote in that case. - use_zygote = !no_sandbox_ && exposed_dir_.empty(); +#if defined(OS_WIN) + // Let the utility process know if it is intended to be elevated. + if (run_elevated_) + cmd_line->AppendSwitch(switches::kUtilityProcessRunningElevated); #endif process_->Launch( -#if defined(OS_WIN) - new UtilitySandboxedProcessLauncherDelegate(exposed_dir_), -#elif defined(OS_POSIX) - use_zygote, - env_, -#endif + new UtilitySandboxedProcessLauncherDelegate(exposed_dir_, + run_elevated_, + no_sandbox_, env_, + process_->GetHost()), cmd_line); } @@ -240,6 +275,13 @@ bool UtilityProcessHostImpl::OnMessageReceived(const IPC::Message& message) { return true; } +void UtilityProcessHostImpl::OnProcessLaunchFailed() { + client_task_runner_->PostTask( + FROM_HERE, + base::Bind(&UtilityProcessHostClient::OnProcessLaunchFailed, + client_.get())); +} + void UtilityProcessHostImpl::OnProcessCrashed(int exit_code) { client_task_runner_->PostTask( FROM_HERE, |