diff options
Diffstat (limited to 'tizen/src/util/osutil-win32.c')
| -rw-r--r-- | tizen/src/util/osutil-win32.c | 179 |
1 files changed, 150 insertions, 29 deletions
diff --git a/tizen/src/util/osutil-win32.c b/tizen/src/util/osutil-win32.c index a76edfc2e6..48220da10c 100644 --- a/tizen/src/util/osutil-win32.c +++ b/tizen/src/util/osutil-win32.c @@ -83,29 +83,36 @@ image file and kernel log file are aleady opened with exclusive write lock by pre-executed emulator. But it is still useful for emulator-manager. */ -void make_vm_lock_os(void) +void make_vm_lock_os(gchar *vms_path) { + g_assert(lock_file == INVALID_HANDLE_VALUE); g_assert(lock_filename == NULL); - lock_filename = g_strdup_printf("%s.lock", get_drive_image_file()); + lock_filename = g_strdup_printf("%s\\%s", vms_path, VMLOCK_FILE); if (g_mkdir_with_parents(g_path_get_dirname(lock_filename), 0777)) { LOG_WARNING("Can not create directory for lock file: %ld\n", GetLastError()); + // do not create the lock file. + g_free(lock_filename); + lock_filename = NULL; + return; } lock_file = CreateFile(lock_filename, - GENERIC_READ | GENERIC_WRITE, - 0, // No share - NULL, - CREATE_ALWAYS, - FILE_ATTRIBUTE_NORMAL | FILE_FLAG_DELETE_ON_CLOSE, - NULL); + GENERIC_READ | GENERIC_WRITE, + 0, // No share + NULL, + CREATE_ALWAYS, + FILE_ATTRIBUTE_NORMAL | FILE_FLAG_DELETE_ON_CLOSE, + NULL); if (lock_file == INVALID_HANDLE_VALUE) { DWORD error = GetLastError(); // On Windows, the file opened by CreateFile has exclusive lock // naturally unless FILE_SHARE_* attribute is set. if (error == ERROR_SHARING_VIOLATION) { + g_free(lock_filename); + lock_filename = NULL; error_report("Can not execute this VM. " "The same VM may be running now."); exit(1); @@ -201,12 +208,12 @@ bool make_sdcard_lock_os(char *sdcard) fname = g_strdup_printf("%s.lck", sdcard); h = CreateFile(fname, - GENERIC_READ, - 0, // No share - NULL, - CREATE_ALWAYS, - FILE_ATTRIBUTE_NORMAL | FILE_FLAG_DELETE_ON_CLOSE, - NULL); + GENERIC_READ, + 0, // No share + NULL, + CREATE_ALWAYS, + FILE_ATTRIBUTE_NORMAL | FILE_FLAG_DELETE_ON_CLOSE, + NULL); if (h == INVALID_HANDLE_VALUE) { LOG_WARNING("Failed to CreateFile a sdcard lock file: %d\n", @@ -277,11 +284,11 @@ void get_java_path_win32(const char **java_path) /* Opens above key to query the current version */ res = RegOpenKeyEx(HKEY_LOCAL_MACHINE, - strKey, - 0, - KEY_QUERY_VALUE | - MY_KEY_WOW64_64KEY, - &hKey); + strKey, + 0, + KEY_QUERY_VALUE | + MY_KEY_WOW64_64KEY, + &hKey); if (res != ERROR_SUCCESS) { LOG_WARNING("Java Runtime Environment key not found\n"); goto javahome_not_found; @@ -289,11 +296,11 @@ void get_java_path_win32(const char **java_path) /* Queries for the current version */ res = RegQueryValueEx(hKey, - "CurrentVersion", - NULL, - NULL, - (LPBYTE)strVersion, - &dwBufLen); + "CurrentVersion", + NULL, + NULL, + (LPBYTE)strVersion, + &dwBufLen); RegCloseKey(hKey); if (res != ERROR_SUCCESS) { LOG_WARNING("JRE CurrentVersion not found\n"); @@ -306,11 +313,11 @@ void get_java_path_win32(const char **java_path) /* Opens above key to query the JavaHome */ res = RegOpenKeyEx(HKEY_LOCAL_MACHINE, - strKey, - 0, - KEY_QUERY_VALUE | - MY_KEY_WOW64_64KEY, - &hKey); + strKey, + 0, + KEY_QUERY_VALUE | + MY_KEY_WOW64_64KEY, + &hKey); if (res == ERROR_SUCCESS) { /* Queries for the JavaHome */ dwBufLen = PATH_MAX; @@ -336,3 +343,117 @@ javahome_not_found: *java_path = current_java_path; } + +bool check_integrity_level_and_respawn(void) +{ + BOOL bResult = false; + HANDLE hToken = NULL; + HANDLE hNewToken = NULL; + PSID pIntegritySid = NULL; + TOKEN_MANDATORY_LABEL TIL = { { 0, }, }; + PTOKEN_MANDATORY_LABEL pTIL = NULL; + PROCESS_INFORMATION ProcInfo = { 0, }; + STARTUPINFO StartupInfo = { 0, }; + SID_IDENTIFIER_AUTHORITY + MLAuthority = { SECURITY_MANDATORY_LABEL_AUTHORITY }; + DWORD dwIntegrityLevel, dwSize = 0; + + if(!OpenProcessToken(GetCurrentProcess(), + TOKEN_DUPLICATE | TOKEN_ADJUST_DEFAULT | TOKEN_QUERY | + TOKEN_ASSIGN_PRIMARY, &hToken)) { + LOG_WARNING("OpenProcessToken Error %lu\n", GetLastError()); + goto CleanExit; + } + + if (!GetTokenInformation(hToken, TokenGroups, NULL, 0, &dwSize)) { + DWORD dwResult = GetLastError(); + if (dwResult != ERROR_INSUFFICIENT_BUFFER) { + LOG_WARNING("GetTokenInformation Error %lu\n", dwResult); + goto CleanExit; + } + } + + pTIL = (PTOKEN_MANDATORY_LABEL)LocalAlloc(0, dwSize); + if (!pTIL) { + LOG_WARNING("LocalAlloc Error %lu\n", GetLastError()); + goto CleanExit; + } + + if (!GetTokenInformation(hToken, TokenIntegrityLevel, pTIL, + dwSize, &dwSize)) { + LOG_WARNING("GetTokenInformation Error %lu\n", GetLastError()); + goto CleanExit; + } + + dwIntegrityLevel = *GetSidSubAuthority(pTIL->Label.Sid, + (DWORD)(UCHAR)(*GetSidSubAuthorityCount(pTIL->Label.Sid) - 1)); + + if (dwIntegrityLevel >= SECURITY_MANDATORY_MEDIUM_RID && + dwIntegrityLevel < SECURITY_MANDATORY_HIGH_RID) { + // We have medium integrity level. So keep going on. + goto CleanExit; + } + + LOG_INFO("Running with elevated integrity level. Try to respawn.\n"); + + if (!DuplicateTokenEx(hToken, 0, NULL, SecurityImpersonation, + TokenPrimary, &hNewToken)) { + LOG_WARNING("DuplicateTokenEx Error %lu\n", GetLastError()); + goto CleanExit; + } + + if (!AllocateAndInitializeSid(&MLAuthority, 1, SECURITY_MANDATORY_MEDIUM_RID, + 0, 0, 0, 0, 0, 0, 0, &pIntegritySid)) { + LOG_WARNING("AllocateAndInitializeSid Error %lu\n", GetLastError()); + goto CleanExit; + } + + TIL.Label.Attributes = SE_GROUP_INTEGRITY; + TIL.Label.Sid = pIntegritySid; + + if (!SetTokenInformation(hNewToken, + TokenIntegrityLevel, + &TIL, + sizeof(TOKEN_MANDATORY_LABEL) + GetLengthSid(pIntegritySid))) { + LOG_WARNING("SetTokenInformation Error %lu\n", GetLastError()); + goto CleanExit; + } + + if (!CreateProcessAsUser(hNewToken, 0, GetCommandLine(), + NULL, NULL, FALSE, 0, NULL, NULL, &StartupInfo, &ProcInfo)) { + LOG_WARNING( "CreateProcessAsUser Error %lu\n", GetLastError()); + goto CleanExit; + } + + LOG_INFO("Respawning success. Waiting for child process.\n"); + bResult = true; + WaitForSingleObject(ProcInfo.hProcess, INFINITE); + +CleanExit: + if (ProcInfo.hProcess != NULL) { + CloseHandle(ProcInfo.hProcess); + } + + if (ProcInfo.hThread != NULL) { + CloseHandle(ProcInfo.hThread); + } + + if (pIntegritySid != NULL) { + LocalFree(pIntegritySid); + } + + if (hNewToken != NULL) { + CloseHandle(hNewToken); + } + + if (hToken != NULL) { + CloseHandle(hToken); + } + + if (pTIL != NULL) { + LocalFree(pTIL); + } + + return bResult; +} + |