Re-land: [mojo] Use a pipe path to initialise Mojo in elevated utility processes.
Elevated processes can't be passed HANDLEs, so instead, IPC channels
must be initialised by passing a pipe path on the command line. For security,
passing a pipe path is only done for elevated process and no other process
types.
This reland is identical to the original:
https://codereview.chromium.org/1893313003
The uninitialised read error that caused the revert is fixed separately
at https://codereview.chromium.org/2008953003/
BUG=604282
TBR=rockot@chromium.org,forshaw@chromium.org,nick@chromium.org
Review-Url: https://codereview.chromium.org/2013733002
Cr-Commit-Position: refs/heads/master@{#396766}
CrOS-Libchrome-Original-Commit: b613891eb01125a395923e5e7e73806757aa89ca
diff --git a/mojo/edk/embedder/named_platform_channel_pair.h b/mojo/edk/embedder/named_platform_channel_pair.h
new file mode 100644
index 0000000..0dcbde5
--- /dev/null
+++ b/mojo/edk/embedder/named_platform_channel_pair.h
@@ -0,0 +1,64 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef MOJO_EDK_EMBEDDER_NAMED_PLATFORM_CHANNEL_PAIR_H_
+#define MOJO_EDK_EMBEDDER_NAMED_PLATFORM_CHANNEL_PAIR_H_
+
+#include <string>
+
+#include "base/macros.h"
+#include "base/strings/string16.h"
+#include "build/build_config.h"
+#include "mojo/edk/embedder/scoped_platform_handle.h"
+#include "mojo/edk/system/system_impl_export.h"
+
+namespace base {
+class CommandLine;
+}
+
+namespace mojo {
+namespace edk {
+
+// This is used to create a named bidirectional pipe to connect new child
+// processes. The resulting server handle should be passed to the EDK, and the
+// child end passed as a pipe name on the command line to the child process. The
+// child process can then retrieve the pipe name from the command line and
+// resolve it into a client handle.
+class MOJO_SYSTEM_IMPL_EXPORT NamedPlatformChannelPair {
+ public:
+ NamedPlatformChannelPair();
+ ~NamedPlatformChannelPair();
+
+ // Note: It is NOT acceptable to use this handle as a generic pipe channel. It
+ // MUST be passed to mojo::edk::ChildProcessLaunched() only.
+ ScopedPlatformHandle PassServerHandle();
+
+ // To be called in the child process, after the parent process called
+ // |PrepareToPassClientHandleToChildProcess()| and launched the child (using
+ // the provided data), to create a client handle connected to the server
+ // handle (in the parent process).
+ static ScopedPlatformHandle PassClientHandleFromParentProcess(
+ const base::CommandLine& command_line);
+
+ // Prepares to pass the client channel to a new child process, to be launched
+ // using |LaunchProcess()| (from base/launch.h). Modifies |*command_line| and
+ // |*handle_passing_info| as needed.
+ // Note: For Windows, this method only works on Vista and later.
+ void PrepareToPassClientHandleToChildProcess(
+ base::CommandLine* command_line) const;
+
+ private:
+ ScopedPlatformHandle server_handle_;
+
+#if defined(OS_WIN)
+ base::string16 pipe_name_;
+#endif
+
+ DISALLOW_COPY_AND_ASSIGN(NamedPlatformChannelPair);
+};
+
+} // namespace edk
+} // namespace mojo
+
+#endif // MOJO_EDK_EMBEDDER_NAMED_PLATFORM_CHANNEL_PAIR_H_
diff --git a/mojo/edk/embedder/platform_handle.h b/mojo/edk/embedder/platform_handle.h
index 4978d8c..4f76009 100644
--- a/mojo/edk/embedder/platform_handle.h
+++ b/mojo/edk/embedder/platform_handle.h
@@ -72,6 +72,10 @@
// A Windows HANDLE may be duplicated to another process but not yet sent to
// that process. This tracks the handle's owning process.
base::ProcessHandle owning_process;
+
+ // A Windows HANDLE may be an unconnected named pipe. In this case, we need to
+ // wait for a connection before communicating on the pipe.
+ bool needs_connection = false;
};
#else
#error "Platform not yet supported."
diff --git a/mojo/mojo_edk.gyp b/mojo/mojo_edk.gyp
index b0002a5..9014ee4 100644
--- a/mojo/mojo_edk.gyp
+++ b/mojo/mojo_edk.gyp
@@ -68,6 +68,8 @@
'edk/embedder/embedder.h',
'edk/embedder/embedder_internal.h',
'edk/embedder/entrypoints.cc',
+ 'edk/embedder/named_platform_channel_pair_win.cc',
+ 'edk/embedder/named_platform_channel_pair_win.h',
'edk/embedder/platform_channel_pair.cc',
'edk/embedder/platform_channel_pair.h',
'edk/embedder/platform_channel_pair_posix.cc',