
Side by Side Diff: sandbox/win/src/process_mitigations_win32k_policy.h

Issue 1856993003: Implement sandbox hooks to forward OPM related GDI system calls. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Replaced shared memory implementation. Created 4 years, 8 months ago
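--- a/sandbox/win/src/process_mitigations_win32k_policy.h
+++ b/sandbox/win/src/process_mitigations_win32k_policy.h
@@ -1,34 +1,75 @@
 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef SANDBOX_SRC_PROCESS_MITIGATIONS_WIN32K_POLICY_H_
 #define SANDBOX_SRC_PROCESS_MITIGATIONS_WIN32K_POLICY_H_
 
+#include "base/strings/string16.h"
 #include "sandbox/win/src/crosscall_server.h"
 #include "sandbox/win/src/policy_low_level.h"
 #include "sandbox/win/src/sandbox_policy.h"
 
 namespace sandbox {
 
 enum EvalResult;
 
 // This class centralizes most of the knowledge related to the process
 // mitigations Win32K lockdown policy.
 class ProcessMitigationsWin32KLockdownPolicy {
 public:
 // Creates the required low-level policy rules to evaluate a high-level
 // policy rule for the Win32K process mitigation policy.
 // name is the object name, semantics is the desired semantics for the
 // open or create and policy is the policy generator to which the rules are
 // going to be added.
 static bool GenerateRules(const wchar_t* name,
 TargetPolicy::Semantics semantics,
 LowLevelPolicy* policy);
+
+static uint32_t EnumDisplayMonitorsAction(const ClientInfo& client_info,
+HMONITOR* monitor_list,
+uint32_t monitor_list_size);
+
+static NTSTATUS GetSuggestedOPMProtectedOutputArraySizeAction(
+const ClientInfo& client_info,
+const base::string16& device_name,
+uint32_t* suggested_array_size);
+
+static NTSTATUS CreateOPMProtectedOutputsAction(
+const ClientInfo& client_info,
+const base::string16& device_name,
+HANDLE* protected_outputs,
+uint32_t array_input_size,
+uint32_t* array_output_size);
+
+static NTSTATUS GetCertificateSizeAction(const ClientInfo& client_info,
+const base::string16& device_name,
+uint32_t* cert_size);
+static NTSTATUS GetCertificateAction(const ClientInfo& client_info,
+const base::string16& device_name,
+BYTE* cert_data,
+uint32_t cert_size);
+static NTSTATUS GetOPMRandomNumberAction(const ClientInfo& client_info,
+HANDLE protected_output,
+void* random_number);
+static NTSTATUS SetOPMSigningKeyAndSequenceNumbersAction(
+const ClientInfo& client_info,
+HANDLE protected_output,
+void* parameters);
+static NTSTATUS ConfigureOPMProtectedOutputAction(
+const ClientInfo& client_info,
+HANDLE protected_output,
+void* parameters);
+static NTSTATUS GetOPMInformationAction(const ClientInfo& client_info,
+HANDLE protected_output,
+void* parameters,
+void* requested_information);
+static NTSTATUS DestroyOPMProtectedOutputAction(HANDLE protected_output);
 };
 
 } // namespace sandbox
 
 #endif // SANDBOX_SRC_PROCESS_MITIGATIONS_WIN32K_POLICY_H_
 
 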
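Review bot: The new OPM actions `GetOPMRandomNumberAction`, `SetOPMSigningKeyAndSequenceNumbersAction`, `ConfigureOPMProtectedOutputAction` and `GetOPMInformationAction` take `void* random_number`, `void* parameters` and `void* requested_information` with no length, so the declaration gives the implementation nothing to bounds-check against if those buffers are filled from a sandboxed caller's request. Typed pointers to the fixed-size OPM structures, or an explicit size argument like the `cert_size` that `GetCertificateAction` already takes, would make the contract checkable at the call site. `DestroyOPMProtectedOutputAction(HANDLE protected_output)` is also the only new action without a `const ClientInfo& client_info`, so from this header alone it cannot tie the handle to the client that was given it; the definitions are not on this page, so this may be enforced elsewhere. None of the new declarations carries a comment, unlike `GenerateRules`; a line such as `// |protected_output| must be a handle this client obtained from CreateOPMProtectedOutputsAction.` above the handle-taking actions would record the expectation.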
