toolkit/profile/ProfileUnlockerWin.cpp

   1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
   2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
   3 /* This Source Code Form is subject to the terms of the Mozilla Public
   4  * License, v. 2.0. If a copy of the MPL was not distributed with this
   5  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   6
   7 #include "ProfileUnlockerWin.h"
   8 #include "nsCOMPtr.h"
   9 #include "nsIFile.h"
  10 #include "nsTArray.h"
  11 #include "nsXPCOM.h"
  12
  13 namespace mozilla {
  14
  15 /**
  16  * RAII class to obtain and manage a handle to a Restart Manager session.
  17  * It opens a new handle upon construction and releases it upon destruction.
  18  */
  19 class MOZ_STACK_CLASS ScopedRestartManagerSession {
  20  public:
  21   explicit ScopedRestartManagerSession(ProfileUnlockerWin& aUnlocker)
  22       : mError(ERROR_INVALID_HANDLE),
  23         mHandle((DWORD)-1)  // 0 is a valid restart manager handle
  24         ,
  25         mUnlocker(aUnlocker) {
  26     mError = mUnlocker.StartSession(mHandle);
  27   }
  28
  29   ~ScopedRestartManagerSession() {
  30     if (mError == ERROR_SUCCESS) {
  31       mUnlocker.EndSession(mHandle);
  32     }
  33   }
  34
  35   /**
  36    * @return true if the handle is a valid Restart Ranager handle.
  37    */
  38   inline bool ok() { return mError == ERROR_SUCCESS; }
  39
  40   /**
  41    * @return the Restart Manager handle to pass to other Restart Manager APIs.
  42    */
  43   inline DWORD handle() { return mHandle; }
  44
  45  private:
  46   DWORD mError;
  47   DWORD mHandle;
  48   ProfileUnlockerWin& mUnlocker;
  49 };
  50
  51 ProfileUnlockerWin::ProfileUnlockerWin(const nsAString& aFileName)
  52     : mRmStartSession(nullptr),
  53       mRmRegisterResources(nullptr),
  54       mRmGetList(nullptr),
  55       mRmEndSession(nullptr),
  56       mQueryFullProcessImageName(nullptr),
  57       mFileName(aFileName) {}
  58
  59 ProfileUnlockerWin::~ProfileUnlockerWin() {}
  60
  61 NS_IMPL_ISUPPORTS(ProfileUnlockerWin, nsIProfileUnlocker)
  62
  63 nsresult ProfileUnlockerWin::Init() {
  64   MOZ_ASSERT(!mRestartMgrModule);
  65   if (mFileName.IsEmpty()) {
  66     return NS_ERROR_ILLEGAL_VALUE;
  67   }
  68
  69   nsModuleHandle module(::LoadLibraryW(L"Rstrtmgr.dll"));
  70   if (!module) {
  71     return NS_ERROR_NOT_AVAILABLE;
  72   }
  73   mRmStartSession = reinterpret_cast<RMSTARTSESSION>(
  74       ::GetProcAddress(module, "RmStartSession"));
  75   if (!mRmStartSession) {
  76     return NS_ERROR_UNEXPECTED;
  77   }
  78   mRmRegisterResources = reinterpret_cast<RMREGISTERRESOURCES>(
  79       ::GetProcAddress(module, "RmRegisterResources"));
  80   if (!mRmRegisterResources) {
  81     return NS_ERROR_UNEXPECTED;
  82   }
  83   mRmGetList =
  84       reinterpret_cast<RMGETLIST>(::GetProcAddress(module, "RmGetList"));
  85   if (!mRmGetList) {
  86     return NS_ERROR_UNEXPECTED;
  87   }
  88   mRmEndSession =
  89       reinterpret_cast<RMENDSESSION>(::GetProcAddress(module, "RmEndSession"));
  90   if (!mRmEndSession) {
  91     return NS_ERROR_UNEXPECTED;
  92   }
  93
  94   mQueryFullProcessImageName =
  95       reinterpret_cast<QUERYFULLPROCESSIMAGENAME>(::GetProcAddress(
  96           ::GetModuleHandleW(L"kernel32.dll"), "QueryFullProcessImageNameW"));
  97   if (!mQueryFullProcessImageName) {
  98     return NS_ERROR_NOT_AVAILABLE;
  99   }
 100
 101   mRestartMgrModule.steal(module);
 102   return NS_OK;
 103 }
 104
 105 DWORD
 106 ProfileUnlockerWin::StartSession(DWORD& aHandle) {
 107   WCHAR sessionKey[CCH_RM_SESSION_KEY + 1] = {0};
 108   return mRmStartSession(&aHandle, 0, sessionKey);
 109 }
 110
 111 void ProfileUnlockerWin::EndSession(DWORD aHandle) { mRmEndSession(aHandle); }
 112
 113 NS_IMETHODIMP
 114 ProfileUnlockerWin::Unlock(uint32_t aSeverity) {
 115   if (!mRestartMgrModule) {
 116     return NS_ERROR_NOT_INITIALIZED;
 117   }
 118
 119   if (aSeverity != FORCE_QUIT) {
 120     return NS_ERROR_NOT_IMPLEMENTED;
 121   }
 122
 123   ScopedRestartManagerSession session(*this);
 124   if (!session.ok()) {
 125     return NS_ERROR_FAILURE;
 126   }
 127
 128   LPCWSTR resources[] = {mFileName.get()};
 129   DWORD error = mRmRegisterResources(session.handle(), 1, resources, 0, nullptr,
 130                                      0, nullptr);
 131   if (error != ERROR_SUCCESS) {
 132     return NS_ERROR_FAILURE;
 133   }
 134
 135   // Using a AutoTArray here because we expect the required size to be 1.
 136   AutoTArray<RM_PROCESS_INFO, 1> info;
 137   UINT numEntries;
 138   UINT numEntriesNeeded = 1;
 139   error = ERROR_MORE_DATA;
 140   DWORD reason = RmRebootReasonNone;
 141   while (error == ERROR_MORE_DATA) {
 142     info.SetLength(numEntriesNeeded);
 143     numEntries = numEntriesNeeded;
 144     error = mRmGetList(session.handle(), &numEntriesNeeded, &numEntries,
 145                        &info[0], &reason);
 146   }
 147   if (error != ERROR_SUCCESS) {
 148     return NS_ERROR_FAILURE;
 149   }
 150   if (numEntries == 0) {
 151     // Nobody else is locking the file; the other process must have terminated
 152     return NS_OK;
 153   }
 154
 155   nsresult rv = NS_ERROR_FAILURE;
 156   for (UINT i = 0; i < numEntries; ++i) {
 157     rv = TryToTerminate(info[i].Process);
 158     if (NS_SUCCEEDED(rv)) {
 159       return NS_OK;
 160     }
 161   }
 162
 163   // If nothing could be unlocked then we return the error code of the last
 164   // failure that was returned.
 165   return rv;
 166 }
 167
 168 nsresult ProfileUnlockerWin::TryToTerminate(RM_UNIQUE_PROCESS& aProcess) {
 169   // Subtle: If the target process terminated before this call to OpenProcess,
 170   // this call will still succeed. This is because the restart manager session
 171   // internally retains a handle to the target process. The rules for Windows
 172   // PIDs state that the PID of a terminated process remains valid as long as
 173   // at least one handle to that process remains open, so when we reach this
 174   // point the PID is still valid and the process will open successfully.
 175   DWORD accessRights = PROCESS_QUERY_LIMITED_INFORMATION | PROCESS_TERMINATE;
 176   nsAutoHandle otherProcess(
 177       ::OpenProcess(accessRights, FALSE, aProcess.dwProcessId));
 178   if (!otherProcess) {
 179     return NS_ERROR_FAILURE;
 180   }
 181
 182   FILETIME creationTime, exitTime, kernelTime, userTime;
 183   if (!::GetProcessTimes(otherProcess, &creationTime, &exitTime, &kernelTime,
 184                          &userTime)) {
 185     return NS_ERROR_FAILURE;
 186   }
 187   if (::CompareFileTime(&aProcess.ProcessStartTime, &creationTime)) {
 188     return NS_ERROR_NOT_AVAILABLE;
 189   }
 190
 191   WCHAR imageName[MAX_PATH];
 192   DWORD imageNameLen = MAX_PATH;
 193   if (!mQueryFullProcessImageName(otherProcess, 0, imageName, &imageNameLen)) {
 194     // The error codes for this function are not very descriptive. There are
 195     // actually two failure cases here: Either the call failed because the
 196     // process is no longer running, or it failed for some other reason. We
 197     // need to know which case that is.
 198     DWORD otherProcessExitCode;
 199     if (!::GetExitCodeProcess(otherProcess, &otherProcessExitCode) ||
 200         otherProcessExitCode == STILL_ACTIVE) {
 201       // The other process is still running.
 202       return NS_ERROR_FAILURE;
 203     }
 204     // The other process must have terminated. We should return NS_OK so that
 205     // this process may proceed with startup.
 206     return NS_OK;
 207   }
 208   nsCOMPtr<nsIFile> otherProcessImageName;
 209   if (NS_FAILED(NS_NewLocalFile(nsDependentString(imageName, imageNameLen),
 210                                 false,
 211                                 getter_AddRefs(otherProcessImageName)))) {
 212     return NS_ERROR_FAILURE;
 213   }
 214   nsAutoString otherProcessLeafName;
 215   if (NS_FAILED(otherProcessImageName->GetLeafName(otherProcessLeafName))) {
 216     return NS_ERROR_FAILURE;
 217   }
 218
 219   imageNameLen = MAX_PATH;
 220   if (!mQueryFullProcessImageName(::GetCurrentProcess(), 0, imageName,
 221                                   &imageNameLen)) {
 222     return NS_ERROR_FAILURE;
 223   }
 224   nsCOMPtr<nsIFile> thisProcessImageName;
 225   if (NS_FAILED(NS_NewLocalFile(nsDependentString(imageName, imageNameLen),
 226                                 false, getter_AddRefs(thisProcessImageName)))) {
 227     return NS_ERROR_FAILURE;
 228   }
 229   nsAutoString thisProcessLeafName;
 230   if (NS_FAILED(thisProcessImageName->GetLeafName(thisProcessLeafName))) {
 231     return NS_ERROR_FAILURE;
 232   }
 233
 234   // Make sure the image leaf names match
 235   if (_wcsicmp(otherProcessLeafName.get(), thisProcessLeafName.get())) {
 236     return NS_ERROR_NOT_AVAILABLE;
 237   }
 238
 239   // We know that another process holds the lock and that it shares the same
 240   // image name as our process. Let's kill it.
 241   // Subtle: TerminateProcess returning ERROR_ACCESS_DENIED is actually an
 242   // indicator that the target process managed to shut down on its own. In that
 243   // case we should return NS_OK since we may proceed with startup.
 244   if (!::TerminateProcess(otherProcess, 1) &&
 245       ::GetLastError() != ERROR_ACCESS_DENIED) {
 246     return NS_ERROR_FAILURE;
 247   }
 248
 249   return NS_OK;
 250 }
 251
 252 }  // namespace mozilla