
Side by Side Diff: sandbox/win/tests/common/controller.h

Issue 1626623003: [Win10 sandbox mitigations] Four new Win10 mitigations added. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 4 years, 11 months ago
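--- a/sandbox/win/tests/common/controller.h
+++ b/sandbox/win/tests/common/controller.h
@@ -1,10 +1,10 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef SANDBOX_WIN_TESTS_COMMON_CONTROLLER_H_
 #define SANDBOX_WIN_TESTS_COMMON_CONTROLLER_H_
 
 #include <windows.h>
 #include <string>
 
@@ -66,20 +66,24 @@
 extern "C" {
 typedef int (*CommandFunction)(int argc, wchar_t **argv);
 }
 
 // Class to facilitate the launch of a test inside the sandbox.
 class TestRunner {
 public:
 TestRunner(JobLevel job_level, TokenLevel startup_token,
 TokenLevel main_token);
 
+// TODO(pennymac): Once ALPCs are no longer being auto disabled in Init(),
+// this overload won't be needed.
+TestRunner(bool enable_create_process);
+
 TestRunner();
 
 ~TestRunner();
 
 // Adds a rule to the policy. The parameters are the same as the AddRule
 // function in the sandbox.
 bool AddRule(TargetPolicy::SubSystem subsystem,
 TargetPolicy::Semantics semantics,
 const wchar_t* pattern);
 
@@ -120,40 +124,42 @@
 
 // Returns the process handle for an asynchronous test.
 HANDLE process() { return target_process_.Get(); }
 
 // Returns the process ID for an asynchronous test.
 DWORD process_id() { return target_process_id_; }
 
 private:
 // Initializes the data in the object. Sets is_init_ to tree if the
 // function succeeds. This is meant to be called from the constructor.
-void Init(JobLevel job_level, TokenLevel startup_token,
-TokenLevel main_token);
+void Init(JobLevel job_level,
+TokenLevel startup_token,
+TokenLevel main_token,
+bool enable_create_process);
 
 // The actual runner.
 int InternalRunTest(const wchar_t* command);
 
 BrokerServices* broker_;
 TargetPolicy* policy_;
 DWORD timeout_;
 SboxTestsState state_;
 bool is_init_;
 bool is_async_;
 bool no_sandbox_;
 bool kill_on_destruction_;
 base::win::ScopedHandle target_process_;
 DWORD target_process_id_;
 };
 
 // Returns the broker services.
 BrokerServices* GetBroker();
 
 // Constructs a full path to a file inside the system32 (or syswow64) folder.
 base::string16 MakePathToSys(const wchar_t* name, bool is_obj_man_path);
 
 // Runs the given test on the target process.
 int DispatchCall(int argc, wchar_t **argv);
 
 } // namespace sandbox
 
 #endif // SANDBOX_WIN_TESTS_COMMON_CONTROLLER_H_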
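Review bot: The new single-argument constructor `TestRunner(bool enable_create_process);` is not marked `explicit`, so any value convertible to bool (an int, a pointer, a BOOL result) can silently become a TestRunner; declare it `explicit TestRunner(bool enable_create_process);`. The TODO above it says why the overload exists but not what the flag does, and the fourth parameter added to `Init()` is undocumented in the same way. A comment along the lines of `// |enable_create_process|: when true, the target keeps the ability to create child processes.` would help, assuming that is what the implementation does, which is not visible on this page. Because the flag appears to relax a restriction the harness otherwise applies, it is also worth stating which job and token levels this overload uses, so a test that passes `true` cannot be mistaken for one running under the default lockdown.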
