| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/win/src/sandbox_policy_base.h" | 5 #include "sandbox/win/src/sandbox_policy_base.h" |
| 6 | 6 |
| 7 #include <sddl.h> | 7 #include <sddl.h> |
| 8 #include <stddef.h> | 8 #include <stddef.h> |
| 9 #include <stdint.h> | 9 #include <stdint.h> |
| 10 | 10 |
| (...skipping 161 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 172 } | 172 } |
| 173 initial_level_ = initial; | 173 initial_level_ = initial; |
| 174 lockdown_level_ = lockdown; | 174 lockdown_level_ = lockdown; |
| 175 return SBOX_ALL_OK; | 175 return SBOX_ALL_OK; |
| 176 } | 176 } |
| 177 | 177 |
| 178 TokenLevel PolicyBase::GetInitialTokenLevel() const { | 178 TokenLevel PolicyBase::GetInitialTokenLevel() const { |
| 179 return initial_level_; | 179 return initial_level_; |
| 180 } | 180 } |
| 181 | 181 |
| 182 TokenLevel PolicyBase::GetLockdownTokenLevel() const{ | 182 TokenLevel PolicyBase::GetLockdownTokenLevel() const { |
| 183 return lockdown_level_; | 183 return lockdown_level_; |
| 184 } | 184 } |
| 185 | 185 |
| 186 ResultCode PolicyBase::SetJobLevel(JobLevel job_level, uint32_t ui_exceptions) { | 186 ResultCode PolicyBase::SetJobLevel(JobLevel job_level, uint32_t ui_exceptions) { |
| 187 if (memory_limit_ && job_level == JOB_NONE) { | 187 if (memory_limit_ && job_level == JOB_NONE) { |
| 188 return SBOX_ERROR_BAD_PARAMS; | 188 return SBOX_ERROR_BAD_PARAMS; |
| 189 } | 189 } |
| 190 job_level_ = job_level; | 190 job_level_ = job_level; |
| 191 ui_exceptions_ = ui_exceptions; | 191 ui_exceptions_ = ui_exceptions; |
| 192 return SBOX_ALL_OK; | 192 return SBOX_ALL_OK; |
| 193 } | 193 } |
| 194 | 194 |
| 195 JobLevel PolicyBase::GetJobLevel() const { |
| 196 return job_level_; |
| 197 } |
| 198 |
| 195 ResultCode PolicyBase::SetJobMemoryLimit(size_t memory_limit) { | 199 ResultCode PolicyBase::SetJobMemoryLimit(size_t memory_limit) { |
| 196 if (memory_limit && job_level_ == JOB_NONE) { | 200 if (memory_limit && job_level_ == JOB_NONE) { |
| 197 return SBOX_ERROR_BAD_PARAMS; | 201 return SBOX_ERROR_BAD_PARAMS; |
| 198 } | 202 } |
| 199 memory_limit_ = memory_limit; | 203 memory_limit_ = memory_limit; |
| 200 return SBOX_ALL_OK; | 204 return SBOX_ALL_OK; |
| 201 } | 205 } |
| 202 | 206 |
| 203 ResultCode PolicyBase::SetAlternateDesktop(bool alternate_winstation) { | 207 ResultCode PolicyBase::SetAlternateDesktop(bool alternate_winstation) { |
| 204 use_alternate_desktop_ = true; | 208 use_alternate_desktop_ = true; |
| (...skipping 556 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 761 break; | 765 break; |
| 762 } | 766 } |
| 763 | 767 |
| 764 default: { return SBOX_ERROR_UNSUPPORTED; } | 768 default: { return SBOX_ERROR_UNSUPPORTED; } |
| 765 } | 769 } |
| 766 | 770 |
| 767 return SBOX_ALL_OK; | 771 return SBOX_ALL_OK; |
| 768 } | 772 } |
| 769 | 773 |
| 770 } // namespace sandbox | 774 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1626623003:
[Win10 sandbox mitigations] Four new Win10 mitigations added. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master