1 files changed, 122 insertions, 0 deletions
diff --git a/ceee/common/process_utils_win.h b/ceee/common/process_utils_win.h
new file mode 100644
index 0000000..e928791
--- /dev/null
+++ b/ceee/common/process_utils_win.h
@@ -0,0 +1,122 @@
+// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+//
+// Utilities for process/threads in Windows.
+
+#ifndef CEEE_COMMON_PROCESS_UTILS_WIN_H_
+#define CEEE_COMMON_PROCESS_UTILS_WIN_H_
+
+#include <windows.h>
+#include <wtypes.h>
+
+#include <string>
+
+#include "base/basictypes.h"
+#include "base/singleton.h"
+#include "base/process_util.h"
+
+namespace process_utils_win {
+
+// Sets the integrity level of the specified thread, or the current thread
+// if thread is NULL. The level is a string as #defined in sddl.h, e.g.,
+// SDDL_ML_LOW or any string of the proper SID Component format as described
+// here: http://msdn.microsoft.com/en-us/library/aa379597(v=VS.85).aspx
+// Will return HRESULT_FROM_WIN32(ERROR_PRIVILEGE_NOT_HELD) if the provided
+// thread (or its process) have lower priviliges then the ones requested.
+HRESULT SetThreadIntegrityLevel(HANDLE* thread, const std::wstring& level);
+
+// Reset the thread integrity level to the process level. Again, if thread
+// is NULL, set the integrity level of the current thread.
+HRESULT ResetThreadIntegrityLevel(HANDLE* thread);
+
+// The bool pointer will be set to true if the current process has been started
+// in administrator's mode ('Run As Adminstrator') while UAC was active.
+// Programs started that way run at different integrity level than these
+// invoked by the user in a regular way.
+// More detailed analysis is with the implementation.
+HRESULT IsCurrentProcessUacElevated(bool* running_as_admin);
+
+// Checks if a given process is compatible with the current process.
+// Two processes are compatible if they run on the same platform-compatible and
+// are security-compatible.
+// The former makes sense on a 64-bit platform, where 32-bit processes inhabit
+// a separate subsystem (WOW64). Thus, two processes are platform-compatible
+// when both are 32-bit or both are 64-bit. It is noop on 32-bit systems.
+// Two processes are security-compatible when their integrity levels permit COM
+// communication between them. High integrity processes are compatible only with
+// other high integrity processes. A low or a medium integrity process is
+// compatible with any process that is either low or medium integrity.
+// Some considerations of security-compatibility are expanded upon in comments
+// with implementation.
+class ProcessCompatibilityCheck {
+ public:
+  // Is the process associated with the given window compatible with the
+  // current process. If the call returns an error code, the value of
+  // *is_compatible is undefined.
+  static HRESULT IsCompatible(HWND process_window, bool* is_compatible);
+
+  // Is the process of given ID compatible with the current process. If the
+  // call returns an error code, the value of *is_compatible is undefined.
+  static HRESULT IsCompatible(DWORD process_id, bool* is_compatible);
+
+ protected:
+  typedef HANDLE (WINAPI *OpenProcessFuncType)(DWORD, BOOL, DWORD);
+  typedef BOOL (WINAPI *CloseHandleFuncType)(HANDLE);
+  typedef BOOL (WINAPI *IsWOW64ProcessFuncType)(HANDLE, PBOOL);
+
+  // Non-trivial constructor will initialize default state. Possible error code
+  // will be stored for reference.
+  ProcessCompatibilityCheck();
+
+  // Exposed for unittesting only.
+  static void PatchState(WORD system_type, bool current_process_wow64,
+                         bool check_integrity,
+                         base::IntegrityLevel current_process_integrity,
+                         OpenProcessFuncType open_process_func,
+                         CloseHandleFuncType close_handle_func,
+                         IsWOW64ProcessFuncType is_wow64_process_func);
+  static void PatchState(OpenProcessFuncType open_process_func,
+                         CloseHandleFuncType close_handle_func,
+                         IsWOW64ProcessFuncType is_wow64_process_func);
+  // Reset to normal state.
+  static void ResetState();
+
+  // Is the process of given ID compatible with the current process?
+  HRESULT IsProcessCompatible(DWORD process_id, bool* is_compatible);
+
+ private:
+  // Initialization function taking true system state.
+  void StandardInitialize();
+
+  // Initialize call assigning given values to objects.
+  void KnownStateInitialize(WORD system_type, bool current_process_wow64,
+                            bool check_integrity,
+                            base::IntegrityLevel current_process_integrity);
+
+  // Functions checking aspects of 'compatibility' of processes with the
+  // current process.
+  HRESULT IsProcessPlatformCompatible(HANDLE process_handle,
+                                      bool* is_compatible);
+  HRESULT IsProcessIntegrityCompatible(HANDLE process_handle,
+                                       bool* is_compatible);
+
+  HRESULT initialization_result_;
+  bool running_on_amd64_platform_;
+  bool running_as_wow_64_;
+  bool integrity_checks_on_;
+  base::IntegrityLevel running_integrity_;
+
+  // Function pointers held to allow substituting with a test harness.
+  static OpenProcessFuncType open_process_func_;
+  static CloseHandleFuncType close_handle_func_;
+  static IsWOW64ProcessFuncType is_wow64_process_func_;
+
+  friend struct DefaultSingletonTraits<ProcessCompatibilityCheck>;
+
+  DISALLOW_COPY_AND_ASSIGN(ProcessCompatibilityCheck);
+};
+
+}  // namespace process_utils_win
+
+#endif  // CEEE_COMMON_PROCESS_UTILS_WIN_H_