Checking in the initial version of CEEE (Chrome Extensions Execution

Environment), an optional feature of Chrome Frame that acts as an adapter layer for a subset of the Chrome Extension APIs. This enables extensions that stick to the supported subset of APIs to work in the context of Chrome Frame with minimal or sometimes no changes. See http://www.chromium.org/developers/design-documents/ceee for an overview of the design of CEEE. TEST=unit tests (run ceee/smoke_tests.bat as an administrator on Windows) BUG=none git-svn-id: svn://svn.chromium.org/chrome/trunk/src@64712 0039d316-1c4b-4281-b951-d872f2087c98
author: initial.commit@chromium.org <initial.commit@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2010-11-02 02:14:31 +0000
committer: initial.commit@chromium.org <initial.commit@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2010-11-02 02:14:31 +0000
commit: 5a7bdf208c28c210b39cff63d1cf91302b02821b (patch)
tree: 5ff484561562f78b29d2670168a9e3b40b48dcab /ceee/common/process_utils_win.h
parent: 26a54a5e0f4603c8fda2fe51789d331125993c9a (diff)
download: chromium_src-5a7bdf208c28c210b39cff63d1cf91302b02821b.zip
chromium_src-5a7bdf208c28c210b39cff63d1cf91302b02821b.tar.gz
chromium_src-5a7bdf208c28c210b39cff63d1cf91302b02821b.tar.bz2
1 files changed, 122 insertions, 0 deletions
diff --git a/ceee/common/process_utils_win.h b/ceee/common/process_utils_win.h
new file mode 100644
index 0000000..e928791
--- /dev/null
+++ b/ceee/common/process_utils_win.h
@@ -0,0 +1,122 @@
+// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+//
+// Utilities for process/threads in Windows.
+
+#ifndef CEEE_COMMON_PROCESS_UTILS_WIN_H_
+#define CEEE_COMMON_PROCESS_UTILS_WIN_H_
+
+#include <windows.h>
+#include <wtypes.h>
+
+#include <string>
+
+#include "base/basictypes.h"
+#include "base/singleton.h"
+#include "base/process_util.h"
+
+namespace process_utils_win {
+
+// Sets the integrity level of the specified thread, or the current thread
+// if thread is NULL. The level is a string as #defined in sddl.h, e.g.,
+// SDDL_ML_LOW or any string of the proper SID Component format as described
+// here: http://msdn.microsoft.com/en-us/library/aa379597(v=VS.85).aspx
+// Will return HRESULT_FROM_WIN32(ERROR_PRIVILEGE_NOT_HELD) if the provided
+// thread (or its process) have lower priviliges then the ones requested.
+HRESULT SetThreadIntegrityLevel(HANDLE* thread, const std::wstring& level);
+
+// Reset the thread integrity level to the process level. Again, if thread
+// is NULL, set the integrity level of the current thread.
+HRESULT ResetThreadIntegrityLevel(HANDLE* thread);
+
+// The bool pointer will be set to true if the current process has been started
+// in administrator's mode ('Run As Adminstrator') while UAC was active.
+// Programs started that way run at different integrity level than these
+// invoked by the user in a regular way.
+// More detailed analysis is with the implementation.
+HRESULT IsCurrentProcessUacElevated(bool* running_as_admin);
+
+// Checks if a given process is compatible with the current process.
+// Two processes are compatible if they run on the same platform-compatible and
+// are security-compatible.
+// The former makes sense on a 64-bit platform, where 32-bit processes inhabit
+// a separate subsystem (WOW64). Thus, two processes are platform-compatible
+// when both are 32-bit or both are 64-bit. It is noop on 32-bit systems.
+// Two processes are security-compatible when their integrity levels permit COM
+// communication between them. High integrity processes are compatible only with
+// other high integrity processes. A low or a medium integrity process is
+// compatible with any process that is either low or medium integrity.
+// Some considerations of security-compatibility are expanded upon in comments
+// with implementation.
+class ProcessCompatibilityCheck {
+ public:
+  // Is the process associated with the given window compatible with the
+  // current process. If the call returns an error code, the value of
+  // *is_compatible is undefined.
+  static HRESULT IsCompatible(HWND process_window, bool* is_compatible);
+
+  // Is the process of given ID compatible with the current process. If the
+  // call returns an error code, the value of *is_compatible is undefined.
+  static HRESULT IsCompatible(DWORD process_id, bool* is_compatible);
+
+ protected:
+  typedef HANDLE (WINAPI *OpenProcessFuncType)(DWORD, BOOL, DWORD);
+  typedef BOOL (WINAPI *CloseHandleFuncType)(HANDLE);
+  typedef BOOL (WINAPI *IsWOW64ProcessFuncType)(HANDLE, PBOOL);
+
+  // Non-trivial constructor will initialize default state. Possible error code
+  // will be stored for reference.
+  ProcessCompatibilityCheck();
+
+  // Exposed for unittesting only.
+  static void PatchState(WORD system_type, bool current_process_wow64,
+                         bool check_integrity,
+                         base::IntegrityLevel current_process_integrity,
+                         OpenProcessFuncType open_process_func,
+                         CloseHandleFuncType close_handle_func,
+                         IsWOW64ProcessFuncType is_wow64_process_func);
+  static void PatchState(OpenProcessFuncType open_process_func,
+                         CloseHandleFuncType close_handle_func,
+                         IsWOW64ProcessFuncType is_wow64_process_func);
+  // Reset to normal state.
+  static void ResetState();
+
+  // Is the process of given ID compatible with the current process?
+  HRESULT IsProcessCompatible(DWORD process_id, bool* is_compatible);
+
+ private:
+  // Initialization function taking true system state.
+  void StandardInitialize();
+
+  // Initialize call assigning given values to objects.
+  void KnownStateInitialize(WORD system_type, bool current_process_wow64,
+                            bool check_integrity,
+                            base::IntegrityLevel current_process_integrity);
+
+  // Functions checking aspects of 'compatibility' of processes with the
+  // current process.
+  HRESULT IsProcessPlatformCompatible(HANDLE process_handle,
+                                      bool* is_compatible);
+  HRESULT IsProcessIntegrityCompatible(HANDLE process_handle,
+                                       bool* is_compatible);
+
+  HRESULT initialization_result_;
+  bool running_on_amd64_platform_;
+  bool running_as_wow_64_;
+  bool integrity_checks_on_;
+  base::IntegrityLevel running_integrity_;
+
+  // Function pointers held to allow substituting with a test harness.
+  static OpenProcessFuncType open_process_func_;
+  static CloseHandleFuncType close_handle_func_;
+  static IsWOW64ProcessFuncType is_wow64_process_func_;
+
+  friend struct DefaultSingletonTraits<ProcessCompatibilityCheck>;
+
+  DISALLOW_COPY_AND_ASSIGN(ProcessCompatibilityCheck);
+};
+
+}  // namespace process_utils_win
+
+#endif  // CEEE_COMMON_PROCESS_UTILS_WIN_H_
author	initial.commit@chromium.org <initial.commit@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2010-11-02 02:14:31 +0000
committer	initial.commit@chromium.org <initial.commit@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2010-11-02 02:14:31 +0000
commit	5a7bdf208c28c210b39cff63d1cf91302b02821b (patch)
tree	5ff484561562f78b29d2670168a9e3b40b48dcab /ceee/common/process_utils_win.h
parent	26a54a5e0f4603c8fda2fe51789d331125993c9a (diff)
download	chromium_src-5a7bdf208c28c210b39cff63d1cf91302b02821b.zip chromium_src-5a7bdf208c28c210b39cff63d1cf91302b02821b.tar.gz chromium_src-5a7bdf208c28c210b39cff63d1cf91302b02821b.tar.bz2