Add sandbox support for Windows process mitigations

sandbox/win/src/process_mitigations.h

Index: sandbox/win/src/process_mitigations.h
===================================================================
--- sandbox/win/src/process_mitigations.h	(revision 0)
+++ sandbox/win/src/process_mitigations.h	(revision 0)
@@ -0,0 +1,61 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef SANDBOX_SRC_WIN_PROCESS_MITIGATIONS_H_
+#define SANDBOX_SRC_WIN_PROCESS_MITIGATIONS_H_
+
+#include <windows.h>
+
+#include "base/basictypes.h"
+
+namespace sandbox {
+
+// Standard Windows mitigations

[cpu_(ooo_6.6-7.5), 2012/09/06 19:46:15]

So I like the idea of having our own flags but that means that we need to do
some brief explaining on what they do in deference with all the 3rd parties that
use this.

For example mitigation_heap_terminate is not very descriptive by itself

[jschuh, 2012/09/07 01:14:22]

Done.

+const uint64 MITIGATION_DEP                           = 0x00000001;
+const uint64 MITIGATION_DEP_NO_ATL_THUNK              = 0x00000002;
+
+const uint64 MITIGATION_SEHOP                         = 0x00000004;
+
+const uint64 MITIGATION_RELOCATE_IMAGE                = 0x00000008;
+const uint64 MITIGATION_RELOCATE_IMAGE_REQUIRED       = 0x00000010;
+
+const uint64 MITIGATION_HEAP_TERMINATE                = 0x00000020;
+const uint64 MITIGATION_BOTTOM_UP_ASLR                = 0x00000040;
+const uint64 MITIGATION_HIGH_ENTROPY_ASLR             = 0x00000080;
+const uint64 MITIGATION_STRICT_HANDLE_CHECKS          = 0x00000100;
+const uint64 MITIGATION_WIN32K_DISABLE                = 0x00000200;
+const uint64 MITIGATION_EXTENSION_DLL_DISABLE         = 0x00000400;
+
+
+// Additional mitigations implemented by the sandbox (top 32 bits).
+
+// Sets the DLL search order to LOAD_LIBRARY_SEARCH_DEFAULT_DIRS
+const uint64 MITIGATION_DLL_SEARCH                    = 0x00000001ULL << 32;

[cpu_(ooo_6.6-7.5), 2012/09/06 19:46:15]

dll_search_order ? or restricted_dll_search ?

[jschuh, 2012/09/07 01:14:22]

Done.

+
+

[cpu_(ooo_6.6-7.5), 2012/09/06 19:46:15]

nuke extra space

[jschuh, 2012/09/07 01:14:22]

Done.

+// Returns the flags that must be enforced after startup.
+uint64 GetPostStartupProcessMitigations(uint64 flags);
+
+// Converts sandbox flags to the PROC_THREAD_ATTRIBUTE_SECURITY_CAPABILITIES
+// flags used by UpdateProcThreadAttribute().
+DWORD64 GetProcessMitigationPolicyFlags(uint64 flags);
+
+// Sets the mitigation policy for the current process, ignoring any settings
+// that are invalid for the current version of Windows.
+bool SetProcessMitigationsForCurrentProcess(uint64 flags);
+
+// Adds mitigations that need to be performed on the suspended target process
+// before execution begins.
+bool SetProcessMitigationsForSuspendedProcess(HANDLE process, uint64 flags);
+
+// Returns true if all the supplied flags can be set after a process starts.
+bool CanSetProcessMitigationsPostStartup(uint64 flags);
+
+// Returns true if all the supplied flags can be set before a process starts.
+bool CanSetProcessMitigationsPreStartup(uint64 flags);
+
+}  // namespace sandbox
+
+#endif  // SANDBOX_SRC_WIN_PROCESS_MITIGATIONS_H_
+