toolkit/profile/ProfileUnlockerWin.cpp

   1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
   2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
   3 /* This Source Code Form is subject to the terms of the Mozilla Public
   4  * License, v. 2.0. If a copy of the MPL was not distributed with this
   5  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   6
   7 #include "ProfileUnlockerWin.h"
   8 #include "nsCOMPtr.h"
   9 #include "nsIFile.h"
  10 #include "nsTArray.h"
  11 #include "nsXPCOM.h"
  12
  13 namespace mozilla {
  14
  15 /**
  16  * RAII class to obtain and manage a handle to a Restart Manager session.
  17  * It opens a new handle upon construction and releases it upon destruction.
  18  */
  19 class MOZ_STACK_CLASS ScopedRestartManagerSession
  20 {
  21 public:
  22   explicit ScopedRestartManagerSession(ProfileUnlockerWin& aUnlocker)
  23     : mError(ERROR_INVALID_HANDLE)
  24     , mHandle((DWORD)-1) // 0 is a valid restart manager handle
  25     , mUnlocker(aUnlocker)
  26   {
  27     mError = mUnlocker.StartSession(mHandle);
  28   }
  29
  30   ~ScopedRestartManagerSession()
  31   {
  32     if (mError == ERROR_SUCCESS) {
  33       mUnlocker.EndSession(mHandle);
  34     }
  35   }
  36
  37   /**
  38    * @return true if the handle is a valid Restart Ranager handle.
  39    */
  40   inline bool
  41   ok()
  42   {
  43     return mError == ERROR_SUCCESS;
  44   }
  45
  46   /**
  47    * @return the Restart Manager handle to pass to other Restart Manager APIs.
  48    */
  49   inline DWORD
  50   handle()
  51   {
  52     return mHandle;
  53   }
  54
  55 private:
  56   DWORD               mError;
  57   DWORD               mHandle;
  58   ProfileUnlockerWin& mUnlocker;
  59 };
  60
  61 ProfileUnlockerWin::ProfileUnlockerWin(const nsAString& aFileName)
  62   : mRmStartSession(nullptr)
  63   , mRmRegisterResources(nullptr)
  64   , mRmGetList(nullptr)
  65   , mRmEndSession(nullptr)
  66   , mQueryFullProcessImageName(nullptr)
  67   , mFileName(aFileName)
  68 {
  69 }
  70
  71 ProfileUnlockerWin::~ProfileUnlockerWin()
  72 {
  73 }
  74
  75 NS_IMPL_ISUPPORTS(ProfileUnlockerWin, nsIProfileUnlocker)
  76
  77 nsresult
  78 ProfileUnlockerWin::Init()
  79 {
  80   MOZ_ASSERT(!mRestartMgrModule);
  81   if (mFileName.IsEmpty()) {
  82     return NS_ERROR_ILLEGAL_VALUE;
  83   }
  84
  85   nsModuleHandle module(::LoadLibraryW(L"Rstrtmgr.dll"));
  86   if (!module) {
  87     return NS_ERROR_NOT_AVAILABLE;
  88   }
  89   mRmStartSession =
  90     reinterpret_cast<RMSTARTSESSION>(::GetProcAddress(module, "RmStartSession"));
  91   if (!mRmStartSession) {
  92     return NS_ERROR_UNEXPECTED;
  93   }
  94   mRmRegisterResources =
  95     reinterpret_cast<RMREGISTERRESOURCES>(::GetProcAddress(module,
  96                                                        "RmRegisterResources"));
  97   if (!mRmRegisterResources) {
  98     return NS_ERROR_UNEXPECTED;
  99   }
 100   mRmGetList = reinterpret_cast<RMGETLIST>(::GetProcAddress(module,
 101                                                             "RmGetList"));
 102   if (!mRmGetList) {
 103     return NS_ERROR_UNEXPECTED;
 104   }
 105   mRmEndSession = reinterpret_cast<RMENDSESSION>(::GetProcAddress(module,
 106                                                                   "RmEndSession"));
 107   if (!mRmEndSession) {
 108     return NS_ERROR_UNEXPECTED;
 109   }
 110
 111   mQueryFullProcessImageName =
 112     reinterpret_cast<QUERYFULLPROCESSIMAGENAME>(::GetProcAddress(
 113                                   ::GetModuleHandleW(L"kernel32.dll"),
 114                                   "QueryFullProcessImageNameW"));
 115   if (!mQueryFullProcessImageName) {
 116     return NS_ERROR_NOT_AVAILABLE;
 117   }
 118
 119   mRestartMgrModule.steal(module);
 120   return NS_OK;
 121 }
 122
 123 DWORD
 124 ProfileUnlockerWin::StartSession(DWORD& aHandle)
 125 {
 126   WCHAR sessionKey[CCH_RM_SESSION_KEY + 1] = {0};
 127   return mRmStartSession(&aHandle, 0, sessionKey);
 128 }
 129
 130 void
 131 ProfileUnlockerWin::EndSession(DWORD aHandle)
 132 {
 133   mRmEndSession(aHandle);
 134 }
 135
 136 NS_IMETHODIMP
 137 ProfileUnlockerWin::Unlock(uint32_t aSeverity)
 138 {
 139   if (!mRestartMgrModule) {
 140     return NS_ERROR_NOT_INITIALIZED;
 141   }
 142
 143   if (aSeverity != FORCE_QUIT) {
 144     return NS_ERROR_NOT_IMPLEMENTED;
 145   }
 146
 147   ScopedRestartManagerSession session(*this);
 148   if (!session.ok()) {
 149     return NS_ERROR_FAILURE;
 150   }
 151
 152   LPCWSTR resources[] = { mFileName.get() };
 153   DWORD error = mRmRegisterResources(session.handle(), 1, resources, 0, nullptr,
 154                                      0, nullptr);
 155   if (error != ERROR_SUCCESS) {
 156     return NS_ERROR_FAILURE;
 157   }
 158
 159   // Using a AutoTArray here because we expect the required size to be 1.
 160   AutoTArray<RM_PROCESS_INFO, 1> info;
 161   UINT numEntries;
 162   UINT numEntriesNeeded = 1;
 163   error = ERROR_MORE_DATA;
 164   DWORD reason = RmRebootReasonNone;
 165   while (error == ERROR_MORE_DATA) {
 166     info.SetLength(numEntriesNeeded);
 167     numEntries = numEntriesNeeded;
 168     error = mRmGetList(session.handle(), &numEntriesNeeded, &numEntries,
 169                        &info[0], &reason);
 170   }
 171   if (error != ERROR_SUCCESS) {
 172     return NS_ERROR_FAILURE;
 173   }
 174   if (numEntries == 0) {
 175     // Nobody else is locking the file; the other process must have terminated
 176     return NS_OK;
 177   }
 178
 179   nsresult rv = NS_ERROR_FAILURE;
 180   for (UINT i = 0; i < numEntries; ++i) {
 181     rv = TryToTerminate(info[i].Process);
 182     if (NS_SUCCEEDED(rv)) {
 183       return NS_OK;
 184     }
 185   }
 186
 187   // If nothing could be unlocked then we return the error code of the last
 188   // failure that was returned.
 189   return rv;
 190 }
 191
 192 nsresult
 193 ProfileUnlockerWin::TryToTerminate(RM_UNIQUE_PROCESS& aProcess)
 194 {
 195   // Subtle: If the target process terminated before this call to OpenProcess,
 196   // this call will still succeed. This is because the restart manager session
 197   // internally retains a handle to the target process. The rules for Windows
 198   // PIDs state that the PID of a terminated process remains valid as long as
 199   // at least one handle to that process remains open, so when we reach this
 200   // point the PID is still valid and the process will open successfully.
 201   DWORD accessRights = PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_TERMINATE;
 202   nsAutoHandle otherProcess(::OpenProcess(accessRights, FALSE,
 203                                           aProcess.dwProcessId));
 204   if (!otherProcess) {
 205     return NS_ERROR_FAILURE;
 206   }
 207
 208   FILETIME creationTime, exitTime, kernelTime, userTime;
 209   if (!::GetProcessTimes(otherProcess, &creationTime, &exitTime, &kernelTime,
 210                          &userTime)) {
 211     return NS_ERROR_FAILURE;
 212   }
 213   if (::CompareFileTime(&aProcess.ProcessStartTime, &creationTime)) {
 214     return NS_ERROR_NOT_AVAILABLE;
 215   }
 216
 217   WCHAR imageName[MAX_PATH];
 218   DWORD imageNameLen = MAX_PATH;
 219   if (!mQueryFullProcessImageName(otherProcess, 0, imageName, &imageNameLen)) {
 220     // The error codes for this function are not very descriptive. There are
 221     // actually two failure cases here: Either the call failed because the
 222     // process is no longer running, or it failed for some other reason. We
 223     // need to know which case that is.
 224     DWORD otherProcessExitCode;
 225     if (!::GetExitCodeProcess(otherProcess, &otherProcessExitCode) ||
 226         otherProcessExitCode == STILL_ACTIVE) {
 227       // The other process is still running.
 228       return NS_ERROR_FAILURE;
 229     }
 230     // The other process must have terminated. We should return NS_OK so that
 231     // this process may proceed with startup.
 232     return NS_OK;
 233   }
 234   nsCOMPtr<nsIFile> otherProcessImageName;
 235   if (NS_FAILED(NS_NewLocalFile(nsDependentString(imageName, imageNameLen),
 236                                 false, getter_AddRefs(otherProcessImageName)))) {
 237     return NS_ERROR_FAILURE;
 238   }
 239   nsAutoString otherProcessLeafName;
 240   if (NS_FAILED(otherProcessImageName->GetLeafName(otherProcessLeafName))) {
 241     return NS_ERROR_FAILURE;
 242   }
 243
 244   imageNameLen = MAX_PATH;
 245   if (!mQueryFullProcessImageName(::GetCurrentProcess(), 0, imageName,
 246         &imageNameLen)) {
 247     return NS_ERROR_FAILURE;
 248   }
 249   nsCOMPtr<nsIFile> thisProcessImageName;
 250   if (NS_FAILED(NS_NewLocalFile(nsDependentString(imageName, imageNameLen),
 251                                 false, getter_AddRefs(thisProcessImageName)))) {
 252     return NS_ERROR_FAILURE;
 253   }
 254   nsAutoString thisProcessLeafName;
 255   if (NS_FAILED(thisProcessImageName->GetLeafName(thisProcessLeafName))) {
 256     return NS_ERROR_FAILURE;
 257   }
 258
 259   // Make sure the image leaf names match
 260   if (_wcsicmp(otherProcessLeafName.get(), thisProcessLeafName.get())) {
 261     return NS_ERROR_NOT_AVAILABLE;
 262   }
 263
 264   // We know that another process holds the lock and that it shares the same
 265   // image name as our process. Let's kill it.
 266   // Subtle: TerminateProcess returning ERROR_ACCESS_DENIED is actually an
 267   // indicator that the target process managed to shut down on its own. In that
 268   // case we should return NS_OK since we may proceed with startup.
 269   if (!::TerminateProcess(otherProcess, 1) &&
 270       ::GetLastError() != ERROR_ACCESS_DENIED) {
 271     return NS_ERROR_FAILURE;
 272   }
 273
 274   return NS_OK;
 275 }
 276
 277 } // namespace mozilla
 278