OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ | 5 #ifndef SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ |
6 #define SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ | 6 #define SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ |
7 | 7 |
8 #include <windows.h> | 8 #include <windows.h> |
9 | 9 |
10 #include <list> | 10 #include <list> |
(...skipping 27 matching lines...) Expand all Loading... |
38 | 38 |
39 // TargetPolicy: | 39 // TargetPolicy: |
40 virtual void AddRef() OVERRIDE; | 40 virtual void AddRef() OVERRIDE; |
41 virtual void Release() OVERRIDE; | 41 virtual void Release() OVERRIDE; |
42 virtual ResultCode SetTokenLevel(TokenLevel initial, | 42 virtual ResultCode SetTokenLevel(TokenLevel initial, |
43 TokenLevel lockdown) OVERRIDE; | 43 TokenLevel lockdown) OVERRIDE; |
44 virtual TokenLevel GetInitialTokenLevel() const OVERRIDE; | 44 virtual TokenLevel GetInitialTokenLevel() const OVERRIDE; |
45 virtual TokenLevel GetLockdownTokenLevel() const OVERRIDE; | 45 virtual TokenLevel GetLockdownTokenLevel() const OVERRIDE; |
46 virtual ResultCode SetJobLevel(JobLevel job_level, | 46 virtual ResultCode SetJobLevel(JobLevel job_level, |
47 uint32 ui_exceptions) OVERRIDE; | 47 uint32 ui_exceptions) OVERRIDE; |
| 48 virtual ResultCode SetJobMemoryLimit(size_t memory_limit) OVERRIDE; |
48 virtual ResultCode SetAlternateDesktop(bool alternate_winstation) OVERRIDE; | 49 virtual ResultCode SetAlternateDesktop(bool alternate_winstation) OVERRIDE; |
49 virtual base::string16 GetAlternateDesktop() const OVERRIDE; | 50 virtual base::string16 GetAlternateDesktop() const OVERRIDE; |
50 virtual ResultCode CreateAlternateDesktop(bool alternate_winstation) OVERRIDE; | 51 virtual ResultCode CreateAlternateDesktop(bool alternate_winstation) OVERRIDE; |
51 virtual void DestroyAlternateDesktop() OVERRIDE; | 52 virtual void DestroyAlternateDesktop() OVERRIDE; |
52 virtual ResultCode SetIntegrityLevel(IntegrityLevel integrity_level) OVERRIDE; | 53 virtual ResultCode SetIntegrityLevel(IntegrityLevel integrity_level) OVERRIDE; |
53 virtual IntegrityLevel GetIntegrityLevel() const OVERRIDE; | 54 virtual IntegrityLevel GetIntegrityLevel() const OVERRIDE; |
54 virtual ResultCode SetDelayedIntegrityLevel( | 55 virtual ResultCode SetDelayedIntegrityLevel( |
55 IntegrityLevel integrity_level) OVERRIDE; | 56 IntegrityLevel integrity_level) OVERRIDE; |
56 virtual ResultCode SetAppContainer(const wchar_t* sid) OVERRIDE; | 57 virtual ResultCode SetAppContainer(const wchar_t* sid) OVERRIDE; |
57 virtual ResultCode SetCapability(const wchar_t* sid) OVERRIDE; | 58 virtual ResultCode SetCapability(const wchar_t* sid) OVERRIDE; |
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
120 // The policy takes ownership of them. | 121 // The policy takes ownership of them. |
121 typedef std::list<TargetProcess*> TargetSet; | 122 typedef std::list<TargetProcess*> TargetSet; |
122 TargetSet targets_; | 123 TargetSet targets_; |
123 // Standard object-lifetime reference counter. | 124 // Standard object-lifetime reference counter. |
124 volatile LONG ref_count; | 125 volatile LONG ref_count; |
125 // The user-defined global policy settings. | 126 // The user-defined global policy settings. |
126 TokenLevel lockdown_level_; | 127 TokenLevel lockdown_level_; |
127 TokenLevel initial_level_; | 128 TokenLevel initial_level_; |
128 JobLevel job_level_; | 129 JobLevel job_level_; |
129 uint32 ui_exceptions_; | 130 uint32 ui_exceptions_; |
| 131 size_t memory_limit_; |
130 bool use_alternate_desktop_; | 132 bool use_alternate_desktop_; |
131 bool use_alternate_winstation_; | 133 bool use_alternate_winstation_; |
132 // Helps the file system policy initialization. | 134 // Helps the file system policy initialization. |
133 bool file_system_init_; | 135 bool file_system_init_; |
134 bool relaxed_interceptions_; | 136 bool relaxed_interceptions_; |
135 HANDLE stdout_handle_; | 137 HANDLE stdout_handle_; |
136 HANDLE stderr_handle_; | 138 HANDLE stderr_handle_; |
137 IntegrityLevel integrity_level_; | 139 IntegrityLevel integrity_level_; |
138 IntegrityLevel delayed_integrity_level_; | 140 IntegrityLevel delayed_integrity_level_; |
139 MitigationFlags mitigations_; | 141 MitigationFlags mitigations_; |
(...skipping 15 matching lines...) Expand all Loading... |
155 | 157 |
156 static HDESK alternate_desktop_handle_; | 158 static HDESK alternate_desktop_handle_; |
157 static HWINSTA alternate_winstation_handle_; | 159 static HWINSTA alternate_winstation_handle_; |
158 | 160 |
159 DISALLOW_COPY_AND_ASSIGN(PolicyBase); | 161 DISALLOW_COPY_AND_ASSIGN(PolicyBase); |
160 }; | 162 }; |
161 | 163 |
162 } // namespace sandbox | 164 } // namespace sandbox |
163 | 165 |
164 #endif // SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ | 166 #endif // SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ |
OLD | NEW |