| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/win/src/sandbox_policy_base.h" | 5 #include "sandbox/win/src/sandbox_policy_base.h" |
| 6 | 6 |
| 7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
| 8 #include "base/callback.h" | 8 #include "base/callback.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/win/windows_version.h" | 10 #include "base/win/windows_version.h" |
| (...skipping 62 matching lines...) |
| 73 // Initializes static members. | 73 // Initializes static members. |
| 74 HWINSTA PolicyBase::alternate_winstation_handle_ = NULL; | 74 HWINSTA PolicyBase::alternate_winstation_handle_ = NULL; |
| 75 HDESK PolicyBase::alternate_desktop_handle_ = NULL; | 75 HDESK PolicyBase::alternate_desktop_handle_ = NULL; |
| 76 | 76 |
| 77 PolicyBase::PolicyBase() | 77 PolicyBase::PolicyBase() |
| 78 : ref_count(1), | 78 : ref_count(1), |
| 79 lockdown_level_(USER_LOCKDOWN), | 79 lockdown_level_(USER_LOCKDOWN), |
| 80 initial_level_(USER_LOCKDOWN), | 80 initial_level_(USER_LOCKDOWN), |
| 81 job_level_(JOB_LOCKDOWN), | 81 job_level_(JOB_LOCKDOWN), |
| 82 ui_exceptions_(0), | 82 ui_exceptions_(0), |
| 83 memory_limit_(0), |
| 83 use_alternate_desktop_(false), | 84 use_alternate_desktop_(false), |
| 84 use_alternate_winstation_(false), | 85 use_alternate_winstation_(false), |
| 85 file_system_init_(false), | 86 file_system_init_(false), |
| 86 relaxed_interceptions_(true), | 87 relaxed_interceptions_(true), |
| 87 stdout_handle_(INVALID_HANDLE_VALUE), | 88 stdout_handle_(INVALID_HANDLE_VALUE), |
| 88 stderr_handle_(INVALID_HANDLE_VALUE), | 89 stderr_handle_(INVALID_HANDLE_VALUE), |
| 89 integrity_level_(INTEGRITY_LEVEL_LAST), | 90 integrity_level_(INTEGRITY_LEVEL_LAST), |
| 90 delayed_integrity_level_(INTEGRITY_LEVEL_LAST), | 91 delayed_integrity_level_(INTEGRITY_LEVEL_LAST), |
| 91 mitigations_(0), | 92 mitigations_(0), |
| 92 delayed_mitigations_(0), | 93 delayed_mitigations_(0), |
| (...skipping 70 matching lines...) |
| 163 | 164 |
| 164 TokenLevel PolicyBase::GetInitialTokenLevel() const { | 165 TokenLevel PolicyBase::GetInitialTokenLevel() const { |
| 165 return initial_level_; | 166 return initial_level_; |
| 166 } | 167 } |
| 167 | 168 |
| 168 TokenLevel PolicyBase::GetLockdownTokenLevel() const{ | 169 TokenLevel PolicyBase::GetLockdownTokenLevel() const{ |
| 169 return lockdown_level_; | 170 return lockdown_level_; |
| 170 } | 171 } |
| 171 | 172 |
| 172 ResultCode PolicyBase::SetJobLevel(JobLevel job_level, uint32 ui_exceptions) { | 173 ResultCode PolicyBase::SetJobLevel(JobLevel job_level, uint32 ui_exceptions) { |
| 174 if (memory_limit_ && job_level == JOB_NONE) { |
| 175 return SBOX_ERROR_BAD_PARAMS; |
| 176 } |
| 173 job_level_ = job_level; | 177 job_level_ = job_level; |
| 174 ui_exceptions_ = ui_exceptions; | 178 ui_exceptions_ = ui_exceptions; |
| 175 return SBOX_ALL_OK; | 179 return SBOX_ALL_OK; |
| 176 } | 180 } |
| 177 | 181 |
| 182 ResultCode PolicyBase::SetJobMemoryLimit(size_t memory_limit) { |
| 183 if (memory_limit && job_level_ == JOB_NONE) { |
| 184 return SBOX_ERROR_BAD_PARAMS; |
| 185 } |
| 186 memory_limit_ = memory_limit; |
| 187 return SBOX_ALL_OK; |
| 188 } |
| 189 |
| 178 ResultCode PolicyBase::SetAlternateDesktop(bool alternate_winstation) { | 190 ResultCode PolicyBase::SetAlternateDesktop(bool alternate_winstation) { |
| 179 use_alternate_desktop_ = true; | 191 use_alternate_desktop_ = true; |
| 180 use_alternate_winstation_ = alternate_winstation; | 192 use_alternate_winstation_ = alternate_winstation; |
| 181 return CreateAlternateDesktop(alternate_winstation); | 193 return CreateAlternateDesktop(alternate_winstation); |
| 182 } | 194 } |
| 183 | 195 |
| 184 base::string16 PolicyBase::GetAlternateDesktop() const { | 196 base::string16 PolicyBase::GetAlternateDesktop() const { |
| 185 // No alternate desktop or winstation. Return an empty string. | 197 // No alternate desktop or winstation. Return an empty string. |
| 186 if (!use_alternate_desktop_ && !use_alternate_winstation_) { | 198 if (!use_alternate_desktop_ && !use_alternate_winstation_) { |
| 187 return base::string16(); | 199 return base::string16(); |
| (...skipping 276 matching lines...) |
| 464 NOTREACHED(); | 476 NOTREACHED(); |
| 465 return false; | 477 return false; |
| 466 } | 478 } |
| 467 return dispatch->SetupService(manager, service); | 479 return dispatch->SetupService(manager, service); |
| 468 } | 480 } |
| 469 | 481 |
| 470 ResultCode PolicyBase::MakeJobObject(HANDLE* job) { | 482 ResultCode PolicyBase::MakeJobObject(HANDLE* job) { |
| 471 if (job_level_ != JOB_NONE) { | 483 if (job_level_ != JOB_NONE) { |
| 472 // Create the windows job object. | 484 // Create the windows job object. |
| 473 Job job_obj; | 485 Job job_obj; |
| 474 DWORD result = job_obj.Init(job_level_, NULL, ui_exceptions_); | 486 DWORD result = job_obj.Init(job_level_, NULL, ui_exceptions_, |
| 487 memory_limit_); |
| 475 if (ERROR_SUCCESS != result) { | 488 if (ERROR_SUCCESS != result) { |
| 476 return SBOX_ERROR_GENERIC; | 489 return SBOX_ERROR_GENERIC; |
| 477 } | 490 } |
| 478 *job = job_obj.Detach(); | 491 *job = job_obj.Detach(); |
| 479 } else { | 492 } else { |
| 480 *job = NULL; | 493 *job = NULL; |
| 481 } | 494 } |
| 482 return SBOX_ALL_OK; | 495 return SBOX_ALL_OK; |
| 483 } | 496 } |
| 484 | 497 |
| (...skipping 193 matching lines...) |
| 678 | 691 |
| 679 // Finally, setup imports on the target so the interceptions can work. | 692 // Finally, setup imports on the target so the interceptions can work. |
| 680 return SetupNtdllImports(target); | 693 return SetupNtdllImports(target); |
| 681 } | 694 } |
| 682 | 695 |
| 683 bool PolicyBase::SetupHandleCloser(TargetProcess* target) { | 696 bool PolicyBase::SetupHandleCloser(TargetProcess* target) { |
| 684 return handle_closer_.InitializeTargetHandles(target); | 697 return handle_closer_.InitializeTargetHandles(target); |
| 685 } | 698 } |
| 686 | 699 |
| 687 } // namespace sandbox | 700 } // namespace sandbox |
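Review bot: In MakeJobObject the `else` branch (job_level_ == JOB_NONE) hands back a NULL job without looking at memory_limit_, so the limit is enforced only as long as every writer of job_level_ and memory_limit_ goes through the two guarded setters. SetJobLevel and SetJobMemoryLimit do cover both call orders, but nothing at the point of use states or checks that invariant; a `DCHECK(!memory_limit_);` ahead of `*job = NULL;` would turn a silently dropped limit into a visible failure in debug builds. The rule is also worth documenting once above SetJobMemoryLimit, for example `// The memory limit is applied through the job object, so a non-zero limit cannot be combined with JOB_NONE; 0 means no limit.` How Job::Init treats a memory_limit_ of 0 is not visible on this page, so the "0 means no limit" wording should be confirmed against that function before it is committed.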
| OLD | NEW |