Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(287)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/win/src/security_level.h

Issue 1538283002: Switch to standard integer types in sandbox/. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: macros Created 4 years, 12 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « sandbox/win/src/sandbox_utils.h ('k') | sandbox/win/src/service_resolver.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef SANDBOX_SRC_SECURITY_LEVEL_H_ 5 #ifndef SANDBOX_SRC_SECURITY_LEVEL_H_
6 #define SANDBOX_SRC_SECURITY_LEVEL_H_ 6 #define SANDBOX_SRC_SECURITY_LEVEL_H_
7 7
8 #include "base/basictypes.h" 8 #include <stdint.h>
9 9
10 namespace sandbox { 10 namespace sandbox {
11 11
12 // List of all the integrity levels supported in the sandbox. This is used 12 // List of all the integrity levels supported in the sandbox. This is used
13 // only on Windows Vista. You can't set the integrity level of the process 13 // only on Windows Vista. You can't set the integrity level of the process
14 // in the sandbox to a level higher than yours. 14 // in the sandbox to a level higher than yours.
15 enum IntegrityLevel { 15 enum IntegrityLevel {
16 INTEGRITY_LEVEL_SYSTEM, 16 INTEGRITY_LEVEL_SYSTEM,
17 INTEGRITY_LEVEL_HIGH, 17 INTEGRITY_LEVEL_HIGH,
18 INTEGRITY_LEVEL_MEDIUM, 18 INTEGRITY_LEVEL_MEDIUM,
(...skipping 112 matching lines...) Expand 10 before | Expand all | Expand 10 after
131 131
132 // These flags correspond to various process-level mitigations (eg. ASLR and 132 // These flags correspond to various process-level mitigations (eg. ASLR and
133 // DEP). Most are implemented via UpdateProcThreadAttribute() plus flags for 133 // DEP). Most are implemented via UpdateProcThreadAttribute() plus flags for
134 // the PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY attribute argument; documented 134 // the PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY attribute argument; documented
135 // here: http://msdn.microsoft.com/en-us/library/windows/desktop/ms686880 135 // here: http://msdn.microsoft.com/en-us/library/windows/desktop/ms686880
136 // Some mitigations are implemented directly by the sandbox or emulated to 136 // Some mitigations are implemented directly by the sandbox or emulated to
137 // the greatest extent possible when not directly supported by the OS. 137 // the greatest extent possible when not directly supported by the OS.
138 // Flags that are unsupported for the target OS will be silently ignored. 138 // Flags that are unsupported for the target OS will be silently ignored.
139 // Flags that are invalid for their application (pre or post startup) will 139 // Flags that are invalid for their application (pre or post startup) will
140 // return SBOX_ERROR_BAD_PARAMS. 140 // return SBOX_ERROR_BAD_PARAMS.
141 typedef uint64 MitigationFlags; 141 typedef uint64_t MitigationFlags;
142 142
143 // Permanently enables DEP for the target process. Corresponds to 143 // Permanently enables DEP for the target process. Corresponds to
144 // PROCESS_CREATION_MITIGATION_POLICY_DEP_ENABLE. 144 // PROCESS_CREATION_MITIGATION_POLICY_DEP_ENABLE.
145 const MitigationFlags MITIGATION_DEP = 0x00000001; 145 const MitigationFlags MITIGATION_DEP = 0x00000001;
146 146
147 // Permanently Disables ATL thunk emulation when DEP is enabled. Valid 147 // Permanently Disables ATL thunk emulation when DEP is enabled. Valid
148 // only when MITIGATION_DEP is passed. Corresponds to not passing 148 // only when MITIGATION_DEP is passed. Corresponds to not passing
149 // PROCESS_CREATION_MITIGATION_POLICY_DEP_ATL_THUNK_ENABLE. 149 // PROCESS_CREATION_MITIGATION_POLICY_DEP_ATL_THUNK_ENABLE.
150 const MitigationFlags MITIGATION_DEP_NO_ATL_THUNK = 0x00000002; 150 const MitigationFlags MITIGATION_DEP_NO_ATL_THUNK = 0x00000002;
151 151
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after
200 const MitigationFlags MITIGATION_DLL_SEARCH_ORDER = 0x00000001ULL << 32; 200 const MitigationFlags MITIGATION_DLL_SEARCH_ORDER = 0x00000001ULL << 32;
201 201
202 // Changes the mandatory integrity level policy on the current process' token 202 // Changes the mandatory integrity level policy on the current process' token
203 // to enable no-read and no-execute up. This prevents a lower IL process from 203 // to enable no-read and no-execute up. This prevents a lower IL process from
204 // opening the process token for impersonate/duplicate/assignment. 204 // opening the process token for impersonate/duplicate/assignment.
205 const MitigationFlags MITIGATION_HARDEN_TOKEN_IL_POLICY = 0x00000001ULL << 33; 205 const MitigationFlags MITIGATION_HARDEN_TOKEN_IL_POLICY = 0x00000001ULL << 33;
206 206
207 } // namespace sandbox 207 } // namespace sandbox
208 208
209 #endif // SANDBOX_SRC_SECURITY_LEVEL_H_ 209 #endif // SANDBOX_SRC_SECURITY_LEVEL_H_
OLDNEW
« no previous file with comments | « sandbox/win/src/sandbox_utils.h ('k') | sandbox/win/src/service_resolver.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698