Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(53)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/win/src/process_thread_dispatcher.cc

Issue 1460903002: Unify PolicyBase into TargetPolicy. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@policy_dispatcher
Patch Set: Rebase. Created 5 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« content/common/sandbox_win.cc ('K') | « sandbox/win/src/process_thread_dispatcher.h ('k') | sandbox/win/src/registry_dispatcher.h » ('j') | sandbox/win/src/sandbox_policy.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sandbox/win/src/process_thread_dispatcher.h" 5 #include "sandbox/win/src/process_thread_dispatcher.h"
6 6
7 #include "base/basictypes.h" 7 #include "base/basictypes.h"
8 #include "base/logging.h" 8 #include "base/logging.h"
9 #include "sandbox/win/src/crosscall_client.h" 9 #include "sandbox/win/src/crosscall_client.h"
10 #include "sandbox/win/src/interception.h" 10 #include "sandbox/win/src/interception.h"
(...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after
87 if (0 == result || result >= MAX_PATH) 87 if (0 == result || result >= MAX_PATH)
88 return false; 88 return false;
89 89
90 *path = file_buffer; 90 *path = file_buffer;
91 return true; 91 return true;
92 } 92 }
93 93
94 } // namespace 94 } // namespace
95 namespace sandbox { 95 namespace sandbox {
96 96
97 ThreadProcessDispatcher::ThreadProcessDispatcher(PolicyBase* policy_base) 97 ThreadProcessDispatcher::ThreadProcessDispatcher(TargetPolicy* policy)
98 : policy_base_(policy_base) { 98 : policy_(policy) {
99 static const IPCCall open_thread = { 99 static const IPCCall open_thread = {
100 {IPC_NTOPENTHREAD_TAG, {UINT32_TYPE, UINT32_TYPE}}, 100 {IPC_NTOPENTHREAD_TAG, {UINT32_TYPE, UINT32_TYPE}},
101 reinterpret_cast<CallbackGeneric>( 101 reinterpret_cast<CallbackGeneric>(
102 &ThreadProcessDispatcher::NtOpenThread)}; 102 &ThreadProcessDispatcher::NtOpenThread)};
103 103
104 static const IPCCall open_process = { 104 static const IPCCall open_process = {
105 {IPC_NTOPENPROCESS_TAG, {UINT32_TYPE, UINT32_TYPE}}, 105 {IPC_NTOPENPROCESS_TAG, {UINT32_TYPE, UINT32_TYPE}},
106 reinterpret_cast<CallbackGeneric>( 106 reinterpret_cast<CallbackGeneric>(
107 &ThreadProcessDispatcher::NtOpenProcess)}; 107 &ThreadProcessDispatcher::NtOpenProcess)};
108 108
(...skipping 111 matching lines...) Expand 10 before | Expand all | Expand 10 after
220 // Cannot find the path. Maybe the file does not exist. 220 // Cannot find the path. Maybe the file does not exist.
221 ipc->return_info.win32_result = ERROR_FILE_NOT_FOUND; 221 ipc->return_info.win32_result = ERROR_FILE_NOT_FOUND;
222 return true; 222 return true;
223 } 223 }
224 } 224 }
225 225
226 const wchar_t* const_exe_name = exe_name.c_str(); 226 const wchar_t* const_exe_name = exe_name.c_str();
227 CountedParameterSet<NameBased> params; 227 CountedParameterSet<NameBased> params;
228 params[NameBased::NAME] = ParamPickerMake(const_exe_name); 228 params[NameBased::NAME] = ParamPickerMake(const_exe_name);
229 229
230 EvalResult eval = policy_base_->EvalPolicy(IPC_CREATEPROCESSW_TAG, 230 EvalResult eval =
231 params.GetBase()); 231 policy_->EvalPolicy(IPC_CREATEPROCESSW_TAG, params.GetBase());
232 232
233 PROCESS_INFORMATION* proc_info = 233 PROCESS_INFORMATION* proc_info =
234 reinterpret_cast<PROCESS_INFORMATION*>(info->Buffer()); 234 reinterpret_cast<PROCESS_INFORMATION*>(info->Buffer());
235 // Here we force the app_name to be the one we used for the policy lookup. 235 // Here we force the app_name to be the one we used for the policy lookup.
236 // If our logic was wrong, at least we wont allow create a random process. 236 // If our logic was wrong, at least we wont allow create a random process.
237 DWORD ret = ProcessPolicy::CreateProcessWAction(eval, *ipc->client_info, 237 DWORD ret = ProcessPolicy::CreateProcessWAction(eval, *ipc->client_info,
238 exe_name, *cmd_line, 238 exe_name, *cmd_line,
239 proc_info); 239 proc_info);
240 240
241 ipc->return_info.win32_result = ret; 241 ipc->return_info.win32_result = ret;
242 return true; 242 return true;
243 } 243 }
244 244
245 } // namespace sandbox 245 } // namespace sandbox
OLDNEW
« content/common/sandbox_win.cc ('K') | « sandbox/win/src/process_thread_dispatcher.h ('k') | sandbox/win/src/registry_dispatcher.h » ('j') | sandbox/win/src/sandbox_policy.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698