Wire up process launch error codes.

sandbox/win/src/sandbox_types.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef SANDBOX_WIN_SRC_SANDBOX_TYPES_H_
 #define SANDBOX_WIN_SRC_SANDBOX_TYPES_H_
 
+#include "base/process/launch.h"
+
 namespace sandbox {
 
 // Operation result codes returned by the sandbox API.
-enum ResultCode {
+//
+// Note: These codes are listed in a histogram and any new codes should be added
+// at the end.
+//
+enum ResultCode : int {
   SBOX_ALL_OK = 0,
   // Error is originating on the win32 layer. Call GetlastError() for more
   // information.
-  SBOX_ERROR_GENERIC = 1,
+  SBOX_ERROR_GENERIC,
   // An invalid combination of parameters was given to the API.
-  SBOX_ERROR_BAD_PARAMS = 2,
+  SBOX_ERROR_BAD_PARAMS,
   // The desired operation is not supported at this time.
-  SBOX_ERROR_UNSUPPORTED = 3,
+  SBOX_ERROR_UNSUPPORTED,
   // The request requires more memory that allocated or available.
-  SBOX_ERROR_NO_SPACE = 4,
+  SBOX_ERROR_NO_SPACE,
   // The ipc service requested does not exist.
-  SBOX_ERROR_INVALID_IPC = 5,
+  SBOX_ERROR_INVALID_IPC,
   // The ipc service did not complete.
-  SBOX_ERROR_FAILED_IPC = 6,
+  SBOX_ERROR_FAILED_IPC,
   // The requested handle was not found.
-  SBOX_ERROR_NO_HANDLE = 7,
+  SBOX_ERROR_NO_HANDLE,
   // This function was not expected to be called at this time.
-  SBOX_ERROR_UNEXPECTED_CALL = 8,
+  SBOX_ERROR_UNEXPECTED_CALL,
   // WaitForAllTargets is already called.
-  SBOX_ERROR_WAIT_ALREADY_CALLED = 9,
+  SBOX_ERROR_WAIT_ALREADY_CALLED,
   // A channel error prevented DoCall from executing.
-  SBOX_ERROR_CHANNEL_ERROR = 10,
+  SBOX_ERROR_CHANNEL_ERROR,
   // Failed to create the alternate desktop.
-  SBOX_ERROR_CANNOT_CREATE_DESKTOP = 11,
+  SBOX_ERROR_CANNOT_CREATE_DESKTOP,
   // Failed to create the alternate window station.
-  SBOX_ERROR_CANNOT_CREATE_WINSTATION = 12,
+  SBOX_ERROR_CANNOT_CREATE_WINSTATION,
   // Failed to switch back to the interactive window station.
-  SBOX_ERROR_FAILED_TO_SWITCH_BACK_WINSTATION = 13,
+  SBOX_ERROR_FAILED_TO_SWITCH_BACK_WINSTATION,
   // The supplied AppContainer is not valid.
-  SBOX_ERROR_INVALID_APP_CONTAINER = 14,
+  SBOX_ERROR_INVALID_APP_CONTAINER,
   // The supplied capability is not valid.
-  SBOX_ERROR_INVALID_CAPABILITY = 15,
+  SBOX_ERROR_INVALID_CAPABILITY,
   // There is a failure initializing the AppContainer.
-  SBOX_ERROR_CANNOT_INIT_APPCONTAINER = 16,
+  SBOX_ERROR_CANNOT_INIT_APPCONTAINER,
   // Initializing or updating ProcThreadAttributes failed.
-  SBOX_ERROR_PROC_THREAD_ATTRIBUTES = 17,
+  SBOX_ERROR_PROC_THREAD_ATTRIBUTES,
   // Error in creating process.
-  SBOX_ERROR_CREATE_PROCESS = 18,

[Alexei Svitkine (slow), 2016/05/03 17:06:57]

Nit: For a long list like this, I actually find the explicit numbers helpful to
verify that histograms.xml and these definitions match.

It also makes it harder for someone to accidentally stick a new value in the
middle and renumber everything. So please restore them.

[Will Harris, 2016/05/03 17:26:52]

Done.

+  SBOX_ERROR_CREATE_PROCESS,
+  // Failure calling delegate PreSpawnTarget.
+  SBOX_ERROR_DELEGATE_PRE_SPAWN,
+  // Could not assign process to job object.
+  SBOX_ERROR_ASSIGN_PROCESS_TO_JOB_OBJECT,
+  // Could not assign process to job object.
+  SBOX_ERROR_SET_THREAD_TOKEN,
+  // Could not get thread context of new process.
+  SBOX_ERROR_GET_THREAD_CONTEXT,
+  // Could not duplicate target info of new process.
+  SBOX_ERROR_DUPLICATE_TARGET_INFO,
+  // Could not set low box token.
+  SBOX_ERROR_SET_LOW_BOX_TOKEN,
+  // Could not create file mapping for IPC dispatcher.
+  SBOX_ERROR_CREATE_FILE_MAPPING,
+  // Could not duplicate shared section into target process for IPC dispatcher.
+  SBOX_ERROR_DUPLICATE_SHARED_SECTION,
+  // Could not map view of shared memory in broker.
+  SBOX_ERROR_MAP_VIEW_OF_SHARED_SECTION,
+  // Could not apply ASLR mitigations to target process.
+  SBOX_ERROR_APPLY_ASLR_MITIGATIONS,
+  // Could not setup one of the required interception services.
+  SBOX_ERROR_SETUP_BASIC_INTERCEPTIONS,
+  // Could not setup basic interceptions.
+  SBOX_ERROR_SETUP_INTERCEPTION_SERVICE,
+  // Could not initialize interceptions. This usually means 3rd party software
+  // is stomping on our hooks, or can sometimes mean the syscall format has
+  // changed.
+  SBOX_ERROR_INITIALIZE_INTERCEPTIONS,
+  // Could not setup the imports for ntdll in target process.
+  SBOX_ERROR_SETUP_NTDLL_IMPORTS,
+  // Could not setup the handle closer in target process.
+  SBOX_ERROR_SETUP_HANDLE_CLOSER,
   // Placeholder for last item of the enum.
   SBOX_ERROR_LAST
 };
 
 // If the sandbox cannot create a secure environment for the target, the
 // target will be forcibly terminated. These are the process exit codes.
 enum TerminationCodes {
   SBOX_FATAL_INTEGRITY = 7006,        // Could not set the integrity level.
   SBOX_FATAL_DROPTOKEN = 7007,        // Could not lower the token.
   SBOX_FATAL_FLUSHANDLES = 7008,      // Failed to flush registry handles.
@@ skipping 26 matching lines @@
   INTERCEPTION_EAT,
   INTERCEPTION_SIDESTEP,        // Preamble patch
   INTERCEPTION_SMART_SIDESTEP,  // Preamble patch but bypass internal calls
   INTERCEPTION_UNLOAD_MODULE,   // Unload the module (don't patch)
   INTERCEPTION_LAST             // Placeholder for last item in the enumeration
 };
 
 }  // namespace sandbox
 
 #endif  // SANDBOX_WIN_SRC_SANDBOX_TYPES_H_