
Side by Side Diff: sandbox/win/src/sandbox_policy_base.h

Issue 1225183003: CreateThread interception, to use CreateRemoteThread (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: default to csrss not being disconnected Created 4 years, 10 months ago
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ 5 #ifndef SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_
6 #define SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ 6 #define SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_
7 7
8 #include <windows.h> 8 #include <windows.h>
9 #include <stddef.h> 9 #include <stddef.h>
10 #include <stdint.h> 10 #include <stdint.h>
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after
54 ResultCode SetIntegrityLevel(IntegrityLevel integrity_level) override; 54 ResultCode SetIntegrityLevel(IntegrityLevel integrity_level) override;
55 IntegrityLevel GetIntegrityLevel() const override; 55 IntegrityLevel GetIntegrityLevel() const override;
56 ResultCode SetDelayedIntegrityLevel(IntegrityLevel integrity_level) override; 56 ResultCode SetDelayedIntegrityLevel(IntegrityLevel integrity_level) override;
57 ResultCode SetAppContainer(const wchar_t* sid) override; 57 ResultCode SetAppContainer(const wchar_t* sid) override;
58 ResultCode SetCapability(const wchar_t* sid) override; 58 ResultCode SetCapability(const wchar_t* sid) override;
59 ResultCode SetLowBox(const wchar_t* sid) override; 59 ResultCode SetLowBox(const wchar_t* sid) override;
60 ResultCode SetProcessMitigations(MitigationFlags flags) override; 60 ResultCode SetProcessMitigations(MitigationFlags flags) override;
61 MitigationFlags GetProcessMitigations() override; 61 MitigationFlags GetProcessMitigations() override;
62 ResultCode SetDelayedProcessMitigations(MitigationFlags flags) override; 62 ResultCode SetDelayedProcessMitigations(MitigationFlags flags) override;
63 MitigationFlags GetDelayedProcessMitigations() const override; 63 MitigationFlags GetDelayedProcessMitigations() const override;
64 void DisconnectCsrss() override;
65
Will Harris 2016/02/05 23:27:00 nit:remove line
liamjm (20p) 2016/02/05 23:51:21 Done.
64 void SetStrictInterceptions() override; 66 void SetStrictInterceptions() override;
65 ResultCode SetStdoutHandle(HANDLE handle) override; 67 ResultCode SetStdoutHandle(HANDLE handle) override;
66 ResultCode SetStderrHandle(HANDLE handle) override; 68 ResultCode SetStderrHandle(HANDLE handle) override;
67 ResultCode AddRule(SubSystem subsystem, 69 ResultCode AddRule(SubSystem subsystem,
68 Semantics semantics, 70 Semantics semantics,
69 const wchar_t* pattern) override; 71 const wchar_t* pattern) override;
70 ResultCode AddDllToUnload(const wchar_t* dll_name) override; 72 ResultCode AddDllToUnload(const wchar_t* dll_name) override;
71 ResultCode AddKernelObjectToClose(const base::char16* handle_type, 73 ResultCode AddKernelObjectToClose(const base::char16* handle_type,
72 const base::char16* handle_name) override; 74 const base::char16* handle_name) override;
73 void* AddHandleToShare(HANDLE handle) override; 75 void* AddHandleToShare(HANDLE handle) override;
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after
138 bool use_alternate_winstation_; 140 bool use_alternate_winstation_;
139 // Helps the file system policy initialization. 141 // Helps the file system policy initialization.
140 bool file_system_init_; 142 bool file_system_init_;
141 bool relaxed_interceptions_; 143 bool relaxed_interceptions_;
142 HANDLE stdout_handle_; 144 HANDLE stdout_handle_;
143 HANDLE stderr_handle_; 145 HANDLE stderr_handle_;
144 IntegrityLevel integrity_level_; 146 IntegrityLevel integrity_level_;
145 IntegrityLevel delayed_integrity_level_; 147 IntegrityLevel delayed_integrity_level_;
146 MitigationFlags mitigations_; 148 MitigationFlags mitigations_;
147 MitigationFlags delayed_mitigations_; 149 MitigationFlags delayed_mitigations_;
150 bool is_csrss_connected_;
148 // Object in charge of generating the low level policy. 151 // Object in charge of generating the low level policy.
149 LowLevelPolicy* policy_maker_; 152 LowLevelPolicy* policy_maker_;
150 // Memory structure that stores the low level policy. 153 // Memory structure that stores the low level policy.
151 PolicyGlobal* policy_; 154 PolicyGlobal* policy_;
152 // The list of dlls to unload in the target process. 155 // The list of dlls to unload in the target process.
153 std::vector<base::string16> blacklisted_dlls_; 156 std::vector<base::string16> blacklisted_dlls_;
154 // This is a map of handle-types to names that we need to close in the 157 // This is a map of handle-types to names that we need to close in the
155 // target process. A null set means we need to close all handles of the 158 // target process. A null set means we need to close all handles of the
156 // given type. 159 // given type.
157 HandleCloser handle_closer_; 160 HandleCloser handle_closer_;
(...skipping 11 matching lines...) Expand all
169 // This list contains handles other than the stderr/stdout handles which are 172 // This list contains handles other than the stderr/stdout handles which are
170 // shared with the target at times. 173 // shared with the target at times.
171 HandleList handles_to_share_; 174 HandleList handles_to_share_;
172 175
173 DISALLOW_COPY_AND_ASSIGN(PolicyBase); 176 DISALLOW_COPY_AND_ASSIGN(PolicyBase);
174 }; 177 };
175 178
176 } // namespace sandbox 179 } // namespace sandbox
177 180
178 #endif // SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ 181 #endif // SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_
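Review bot: The new member `bool is_csrss_connected_;` (new line 150) has no comment and no initializer in this header, so whether a policy starts out connected depends on the constructor in the .cc file, which is not visible on this page. The patch set title says the default is for CSRSS not to be disconnected, so it is worth confirming the constructor's initializer list sets the member to `true`, since an uninitialized flag here would make a sandbox setting nondeterministic. A comment such as `// True unless DisconnectCsrss() has been called; defaults to true.` would record the contract, assuming that is what the implementation does. Separately, `void DisconnectCsrss() override;` (new line 64) returns `void` while the neighbouring setters return `ResultCode`. A caller therefore cannot tell whether the request took effect, which is worth stating in the interface comment if the call can be a no-op on some configurations.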