
Side by Side Diff: sandbox/win/src/process_thread_policy.h

Issue 1538283002: Switch to standard integer types in sandbox/. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: macros Created 5 years ago
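--- a/sandbox/win/src/process_thread_policy.h
+++ b/sandbox/win/src/process_thread_policy.h
@@ -1,83 +1,84 @@
 // Copyright (c) 2006-2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef SANDBOX_SRC_PROCESS_THREAD_POLICY_H_
 #define SANDBOX_SRC_PROCESS_THREAD_POLICY_H_
 
+#include <stdint.h>
+
 #include <string>
 
 #include "sandbox/win/src/policy_low_level.h"
 
-#include "base/basictypes.h"
 #include "base/strings/string16.h"
 #include "sandbox/win/src/crosscall_server.h"
 #include "sandbox/win/src/sandbox_policy.h"
 
 namespace sandbox {
 
 enum EvalResult;
 
 // This class centralizes most of the knowledge related to process execution.
 class ProcessPolicy {
 public:
 // Creates the required low-level policy rules to evaluate a high-level.
 // policy rule for process creation
 // 'name' is the executable to be spawn.
 // 'semantics' is the desired semantics.
 // 'policy' is the policy generator to which the rules are going to be added.
 static bool GenerateRules(const wchar_t* name,
 TargetPolicy::Semantics semantics,
 LowLevelPolicy* policy);
 
 // Opens a thread from the child process and returns the handle.
 // client_info contains the information about the child process,
 // desired_access is the access requested by the child and thread_id
 // is the thread_id to be opened.
 // The function returns the return value of NtOpenThread.
 static NTSTATUS OpenThreadAction(const ClientInfo& client_info,
-uint32 desired_access,
-uint32 thread_id,
+uint32_t desired_access,
+uint32_t thread_id,
 HANDLE* handle);
 
 // Opens the process id passed in and returns the duplicated handle to
 // the child. We only allow the child processes to open themselves. Any other
 // pid open is denied.
 static NTSTATUS OpenProcessAction(const ClientInfo& client_info,
-uint32 desired_access,
-uint32 process_id,
+uint32_t desired_access,
+uint32_t process_id,
 HANDLE* handle);
 
 // Opens the token associated with the process and returns the duplicated
 // handle to the child. We only allow the child processes to open his own
 // token (using ::GetCurrentProcess()).
 static NTSTATUS OpenProcessTokenAction(const ClientInfo& client_info,
 HANDLE process,
-uint32 desired_access,
+uint32_t desired_access,
 HANDLE* handle);
 
 // Opens the token associated with the process and returns the duplicated
 // handle to the child. We only allow the child processes to open his own
 // token (using ::GetCurrentProcess()).
 static NTSTATUS OpenProcessTokenExAction(const ClientInfo& client_info,
 HANDLE process,
-uint32 desired_access,
-uint32 attributes,
+uint32_t desired_access,
+uint32_t attributes,
 HANDLE* handle);
 
 // Processes a 'CreateProcessW()' request from the target.
 // 'client_info' : the target process that is making the request.
 // 'eval_result' : The desired policy action to accomplish.
 // 'app_name' : The full path of the process to be created.
 // 'command_line' : The command line passed to the created process.
 static DWORD CreateProcessWAction(EvalResult eval_result,
 const ClientInfo& client_info,
 const base::string16 &app_name,
 const base::string16 &command_line,
 PROCESS_INFORMATION* process_info);
 };
 
 } // namespace sandbox
 
 
 #endif // SANDBOX_SRC_PROCESS_THREAD_POLICY_H_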
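Review bot: The comment above `OpenProcessTokenExAction` is a word-for-word copy of the one on `OpenProcessTokenAction` and never describes the `attributes` parameter that this change retypes to `uint32_t`. The neighbouring comments describe `desired_access` as "the access requested by the child", so both values appear to originate in the sandboxed target, and the header should say how the broker treats them. I would add `// 'attributes' is the handle-attributes value requested by the child (presumably forwarded to NtOpenProcessTokenEx).` above the declaration, and confirm the wording against the implementation in process_thread_policy.cc, which is not shown here.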