Unify PolicyBase into TargetPolicy.

sandbox/win/src/broker_services.cc

Index: sandbox/win/src/broker_services.cc
diff --git a/sandbox/win/src/broker_services.cc b/sandbox/win/src/broker_services.cc
index 5e6494fd1f6bd89cc3982a35741130d84f98b301..57f197f26ee71d84a73f255f5faf30d587ec4722 100644
--- a/sandbox/win/src/broker_services.cc
+++ b/sandbox/win/src/broker_services.cc
@@ -5,6 +5,7 @@
 #include "sandbox/win/src/broker_services.h"
 
 #include <AclAPI.h>
+#include <vector>
 
 #include "base/logging.h"
 #include "base/macros.h"
@@ -17,8 +18,8 @@
 #include "base/win/windows_version.h"
 #include "sandbox/win/src/app_container.h"
 #include "sandbox/win/src/process_mitigations.h"
-#include "sandbox/win/src/sandbox_policy_base.h"
 #include "sandbox/win/src/sandbox.h"
+#include "sandbox/win/src/sandbox_policy.h"
 #include "sandbox/win/src/target_process.h"
 #include "sandbox/win/src/win2k_threadpool.h"
 #include "sandbox/win/src/win_utils.h"
@@ -57,7 +58,7 @@ enum {
 // Helper structure that allows the Broker to associate a job notification
 // with a job object and with a policy.
 struct JobTracker {
-  JobTracker(base::win::ScopedHandle job, sandbox::PolicyBase* policy)
+  JobTracker(base::win::ScopedHandle job, sandbox::TargetPolicy* policy)
       : job(job.Pass()), policy(policy) {
   }
   ~JobTracker() {
@@ -69,7 +70,7 @@ struct JobTracker {
   void FreeResources();
 
   base::win::ScopedHandle job;
-  sandbox::PolicyBase* policy;
+  sandbox::TargetPolicy* policy;
 };
 
 void JobTracker::FreeResources() {
@@ -174,9 +175,7 @@ BrokerServicesBase::~BrokerServicesBase() {
 }
 
 TargetPolicy* BrokerServicesBase::CreatePolicy() {
-  // If you change the type of the object being created here you must also
-  // change the downcast to it in SpawnTarget().
-  return new PolicyBase;
+  return new TargetPolicy;
 }
 
 // The worker thread stays in a loop waiting for asynchronous notifications
@@ -304,10 +303,7 @@ ResultCode BrokerServicesBase::SpawnTarget(const wchar_t* exe_path,
 
   AutoLock lock(&lock_);
 
-  // This downcast is safe as long as we control CreatePolicy()
-  PolicyBase* policy_base = static_cast<PolicyBase*>(policy);
-
-  if (policy_base->GetAppContainer() && policy_base->GetLowBoxSid())
+  if (policy->GetAppContainer() && policy->GetLowBoxSid())
     return SBOX_ERROR_BAD_PARAMS;
 
   // Construct the tokens and the job object that we are going to associate
@@ -317,13 +313,12 @@ ResultCode BrokerServicesBase::SpawnTarget(const wchar_t* exe_path,
   base::win::ScopedHandle lowbox_token;
   ResultCode result = SBOX_ALL_OK;
 
-  result =
-      policy_base->MakeTokens(&initial_token, &lockdown_token, &lowbox_token);
+  result = policy->MakeTokens(&initial_token, &lockdown_token, &lowbox_token);
   if (SBOX_ALL_OK != result)
     return result;
 
   base::win::ScopedHandle job;
-  result = policy_base->MakeJobObject(&job);
+  result = policy->MakeJobObject(&job);
   if (SBOX_ALL_OK != result)
     return result;
 
@@ -337,7 +332,7 @@ ResultCode BrokerServicesBase::SpawnTarget(const wchar_t* exe_path,
 
   std::vector<HANDLE> inherited_handle_list;
 
-  base::string16 desktop = policy_base->GetAlternateDesktop();
+  base::string16 desktop = policy->GetAlternateDesktop();
   if (!desktop.empty()) {
     startup_info.startup_info()->lpDesktop =
         const_cast<wchar_t*>(desktop.c_str());
@@ -347,8 +342,7 @@ ResultCode BrokerServicesBase::SpawnTarget(const wchar_t* exe_path,
 
   if (base::win::GetVersion() >= base::win::VERSION_VISTA) {
     int attribute_count = 0;
-    const AppContainerAttributes* app_container =
-        policy_base->GetAppContainer();
+    const AppContainerAttributes* app_container = policy->GetAppContainer();
     if (app_container)
       ++attribute_count;
 
@@ -358,8 +352,8 @@ ResultCode BrokerServicesBase::SpawnTarget(const wchar_t* exe_path,
     if (mitigations)
       ++attribute_count;
 
-    HANDLE stdout_handle = policy_base->GetStdoutHandle();
-    HANDLE stderr_handle = policy_base->GetStderrHandle();
+    HANDLE stdout_handle = policy->GetStdoutHandle();
+    HANDLE stderr_handle = policy->GetStderrHandle();
 
     if (stdout_handle != INVALID_HANDLE_VALUE)
       inherited_handle_list.push_back(stdout_handle);
@@ -368,7 +362,7 @@ ResultCode BrokerServicesBase::SpawnTarget(const wchar_t* exe_path,
     if (stderr_handle != stdout_handle && stderr_handle != INVALID_HANDLE_VALUE)
       inherited_handle_list.push_back(stderr_handle);
 
-    const HandleList& policy_handle_list = policy_base->GetHandlesBeingShared();
+    const HandleList& policy_handle_list = policy->GetHandlesBeingShared();
 
     for (auto handle : policy_handle_list)
       inherited_handle_list.push_back(handle->Get());
@@ -425,7 +419,7 @@ ResultCode BrokerServicesBase::SpawnTarget(const wchar_t* exe_path,
   DWORD win_result = target->Create(exe_path, command_line, inherit_handles,
                                     startup_info, &process_info);
 
-  policy_base->ClearSharedHandles();
+  policy->ClearSharedHandles();
 
   if (ERROR_SUCCESS != win_result) {
     SpawnCleanup(target, win_result);
@@ -433,15 +427,15 @@ ResultCode BrokerServicesBase::SpawnTarget(const wchar_t* exe_path,
   }
 
   // Now the policy is the owner of the target.
-  if (!policy_base->AddTarget(target)) {
+  if (!policy->AddTarget(target)) {
     return SpawnCleanup(target, 0);
   }
 
   // We are going to keep a pointer to the policy because we'll call it when
   // the job object generates notifications using the completion port.
-  policy_base->AddRef();
+  policy->AddRef();
   if (job.IsValid()) {
-    scoped_ptr<JobTracker> tracker(new JobTracker(job.Pass(), policy_base));
+    scoped_ptr<JobTracker> tracker(new JobTracker(job.Pass(), policy));
 
     // There is no obvious recovery after failure here. Previous version with
     // SpawnCleanup() caused deletion of TargetProcess twice. crbug.com/480639