Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(174)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/win/src/sandbox_types.h

Issue 10690058: Add sandbox support for Windows process mitigations (Closed) Base URL: https://src.chromium.org/svn/trunk/src/
Patch Set: Created 8 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« sandbox/win/src/process_mitigations.h ('K') | « sandbox/win/src/sandbox_policy_base.cc ('k') | sandbox/win/src/security_level.h » ('j') | sandbox/win/src/security_level.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2006-2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef SANDBOX_WIN_SRC_SANDBOX_TYPES_H_ 5 #ifndef SANDBOX_WIN_SRC_SANDBOX_TYPES_H_
6 #define SANDBOX_WIN_SRC_SANDBOX_TYPES_H_ 6 #define SANDBOX_WIN_SRC_SANDBOX_TYPES_H_
7 7
8 namespace sandbox { 8 namespace sandbox {
9 9
10 // Operation result codes returned by the sandbox API. 10 // Operation result codes returned by the sandbox API.
(...skipping 25 matching lines...) Expand all
36 // Failed to create the alternate window station. 36 // Failed to create the alternate window station.
37 SBOX_ERROR_CANNOT_CREATE_WINSTATION = 12, 37 SBOX_ERROR_CANNOT_CREATE_WINSTATION = 12,
38 // Failed to switch back to the interactive window station. 38 // Failed to switch back to the interactive window station.
39 SBOX_ERROR_FAILED_TO_SWITCH_BACK_WINSTATION = 13, 39 SBOX_ERROR_FAILED_TO_SWITCH_BACK_WINSTATION = 13,
40 // The supplied AppContainer is not valid. 40 // The supplied AppContainer is not valid.
41 SBOX_ERROR_INVALID_APP_CONTAINER = 14, 41 SBOX_ERROR_INVALID_APP_CONTAINER = 14,
42 // The supplied capability is not valid. 42 // The supplied capability is not valid.
43 SBOX_ERROR_INVALID_CAPABILITY = 15, 43 SBOX_ERROR_INVALID_CAPABILITY = 15,
44 // There is a failure initializing the AppContainer. 44 // There is a failure initializing the AppContainer.
45 SBOX_ERROR_CANNOT_INIT_APPCONTAINER = 16, 45 SBOX_ERROR_CANNOT_INIT_APPCONTAINER = 16,
46 // Initializing or updating ProcThreadAttributes failed.
47 SBOX_ERROR_PROC_THREAD_ATTRIBUTES = 17,
46 // Placeholder for last item of the enum. 48 // Placeholder for last item of the enum.
47 SBOX_ERROR_LAST 49 SBOX_ERROR_LAST
48 }; 50 };
49 51
50 // If the sandbox cannot create a secure environment for the target, the 52 // If the sandbox cannot create a secure environment for the target, the
51 // target will be forcibly terminated. These are the process exit codes. 53 // target will be forcibly terminated. These are the process exit codes.
52 enum TerminationCodes { 54 enum TerminationCodes {
53 SBOX_FATAL_INTEGRITY = 7006, // Could not set the integrity level. 55 SBOX_FATAL_INTEGRITY = 7006, // Could not set the integrity level.
54 SBOX_FATAL_DROPTOKEN = 7007, // Could not lower the token. 56 SBOX_FATAL_DROPTOKEN = 7007, // Could not lower the token.
55 SBOX_FATAL_FLUSHANDLES = 7008, // Failed to flush registry handles. 57 SBOX_FATAL_FLUSHANDLES = 7008, // Failed to flush registry handles.
56 SBOX_FATAL_CACHEDISABLE = 7009, // Failed to forbid HCKU caching. 58 SBOX_FATAL_CACHEDISABLE = 7009, // Failed to forbid HCKU caching.
57 SBOX_FATAL_CLOSEHANDLES = 7010 // Failed to close pending handles. 59 SBOX_FATAL_CLOSEHANDLES = 7010, // Failed to close pending handles.
60 SBOX_FATAL_MITIGATION = 7011 // Could not set the mitigation policy.
58 }; 61 };
59 62
60 class BrokerServices; 63 class BrokerServices;
61 class TargetServices; 64 class TargetServices;
62 65
63 // Contains the pointer to a target or broker service. 66 // Contains the pointer to a target or broker service.
64 struct SandboxInterfaceInfo { 67 struct SandboxInterfaceInfo {
65 BrokerServices* broker_services; 68 BrokerServices* broker_services;
66 TargetServices* target_services; 69 TargetServices* target_services;
67 }; 70 };
(...skipping 10 matching lines...) Expand all
78 INTERCEPTION_EAT, 81 INTERCEPTION_EAT,
79 INTERCEPTION_SIDESTEP, // Preamble patch 82 INTERCEPTION_SIDESTEP, // Preamble patch
80 INTERCEPTION_SMART_SIDESTEP, // Preamble patch but bypass internal calls 83 INTERCEPTION_SMART_SIDESTEP, // Preamble patch but bypass internal calls
81 INTERCEPTION_UNLOAD_MODULE, // Unload the module (don't patch) 84 INTERCEPTION_UNLOAD_MODULE, // Unload the module (don't patch)
82 INTERCEPTION_LAST // Placeholder for last item in the enumeration 85 INTERCEPTION_LAST // Placeholder for last item in the enumeration
83 }; 86 };
84 87
85 } // namespace sandbox 88 } // namespace sandbox
86 89
87 #endif // SANDBOX_WIN_SRC_SANDBOX_TYPES_H_ 90 #endif // SANDBOX_WIN_SRC_SANDBOX_TYPES_H_
OLDNEW
« sandbox/win/src/process_mitigations.h ('K') | « sandbox/win/src/sandbox_policy_base.cc ('k') | sandbox/win/src/security_level.h » ('j') | sandbox/win/src/security_level.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698