diff options
Diffstat (limited to 'content/public')
| -rw-r--r-- | content/public/common/sandbox_init.cc | 44 | ||||
| -rw-r--r-- | content/public/common/sandbox_init.h | 10 |
2 files changed, 54 insertions, 0 deletions
diff --git a/content/public/common/sandbox_init.cc b/content/public/common/sandbox_init.cc new file mode 100644 index 0000000..528eec7 --- /dev/null +++ b/content/public/common/sandbox_init.cc @@ -0,0 +1,44 @@ +// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "content/public/common/sandbox_init.h" + +#if defined(OS_ANDROID) +#include <unistd.h> +#endif + +namespace content { + +IPC::PlatformFileForTransit BrokerGetFileHandleForProcess( + base::PlatformFile handle, + base::ProcessId target_process_id, + bool should_close_source) { + IPC::PlatformFileForTransit out_handle; +#if defined(OS_WIN) + DWORD options = DUPLICATE_SAME_ACCESS; + if (should_close_source) + options |= DUPLICATE_CLOSE_SOURCE; + if (!content::BrokerDuplicateHandle(handle, target_process_id, &out_handle, + 0, options)) { + out_handle = IPC::InvalidPlatformFileForTransit(); + } +#elif defined(OS_POSIX) + // If asked to close the source, we can simply re-use the source fd instead of + // dup()ing and close()ing. + // When we're not closing the source, we need to duplicate the handle and take + // ownership of that. The reason is that this function is often used to + // generate IPC messages, and the handle must remain valid until it's sent to + // the other process from the I/O thread. Without the dup, calling code might + // close the source handle before the message is sent, creating a race + // condition. + int fd = should_close_source ? handle : ::dup(handle); + out_handle = base::FileDescriptor(fd, true); +#else + #error Not implemented. +#endif + return out_handle; +} + +} // namespace content + diff --git a/content/public/common/sandbox_init.h b/content/public/common/sandbox_init.h index 24da5a9..a6dcccc 100644 --- a/content/public/common/sandbox_init.h +++ b/content/public/common/sandbox_init.h @@ -9,6 +9,7 @@ #include "base/process.h" #include "build/build_config.h" #include "content/common/content_export.h" +#include "ipc/ipc_platform_file.h" #if defined(OS_WIN) namespace sandbox { @@ -76,6 +77,15 @@ CONTENT_EXPORT void InitializeSandbox(); #endif +// Platform neutral wrapper for making an exact copy of a handle for use in +// the target process. On Windows this wraps BrokerDuplicateHandle() with the +// DUPLICATE_SAME_ACCESS flag. On posix it behaves essentially the same as +// IPC::GetFileHandleForProcess() +CONTENT_EXPORT IPC::PlatformFileForTransit BrokerGetFileHandleForProcess( + base::PlatformFile handle, + base::ProcessId target_process_id, + bool should_close_source); + } // namespace content #endif // CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_ |