Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(88)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: sandbox/win/src/sandbox_policy_base.h

Issue 319573006: Add sandbox support for process memory limits (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: ready for review Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« sandbox/win/src/sandbox_policy.h ('K') | « sandbox/win/src/sandbox_policy.h ('k') | sandbox/win/src/sandbox_policy_base.cc » ('j') | sandbox/win/src/sandbox_policy_base.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ 5 #ifndef SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_
6 #define SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ 6 #define SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_
7 7
8 #include <windows.h> 8 #include <windows.h>
9 9
10 #include <list> 10 #include <list>
(...skipping 25 matching lines...) Expand all
36 public: 36 public:
37 PolicyBase(); 37 PolicyBase();
38 38
39 // TargetPolicy: 39 // TargetPolicy:
40 virtual void AddRef() OVERRIDE; 40 virtual void AddRef() OVERRIDE;
41 virtual void Release() OVERRIDE; 41 virtual void Release() OVERRIDE;
42 virtual ResultCode SetTokenLevel(TokenLevel initial, 42 virtual ResultCode SetTokenLevel(TokenLevel initial,
43 TokenLevel lockdown) OVERRIDE; 43 TokenLevel lockdown) OVERRIDE;
44 virtual ResultCode SetJobLevel(JobLevel job_level, 44 virtual ResultCode SetJobLevel(JobLevel job_level,
45 uint32 ui_exceptions) OVERRIDE; 45 uint32 ui_exceptions) OVERRIDE;
46 virtual ResultCode SetJobMemoryLimit(size_t limit, bool terminate) OVERRIDE;
47 virtual bool WillTerminateOnJobMemoryLimit() const OVERRIDE;
46 virtual ResultCode SetAlternateDesktop(bool alternate_winstation) OVERRIDE; 48 virtual ResultCode SetAlternateDesktop(bool alternate_winstation) OVERRIDE;
47 virtual base::string16 GetAlternateDesktop() const OVERRIDE; 49 virtual base::string16 GetAlternateDesktop() const OVERRIDE;
48 virtual ResultCode CreateAlternateDesktop(bool alternate_winstation) OVERRIDE; 50 virtual ResultCode CreateAlternateDesktop(bool alternate_winstation) OVERRIDE;
49 virtual void DestroyAlternateDesktop() OVERRIDE; 51 virtual void DestroyAlternateDesktop() OVERRIDE;
50 virtual ResultCode SetIntegrityLevel(IntegrityLevel integrity_level) OVERRIDE; 52 virtual ResultCode SetIntegrityLevel(IntegrityLevel integrity_level) OVERRIDE;
51 virtual ResultCode SetDelayedIntegrityLevel( 53 virtual ResultCode SetDelayedIntegrityLevel(
52 IntegrityLevel integrity_level) OVERRIDE; 54 IntegrityLevel integrity_level) OVERRIDE;
53 virtual ResultCode SetAppContainer(const wchar_t* sid) OVERRIDE; 55 virtual ResultCode SetAppContainer(const wchar_t* sid) OVERRIDE;
54 virtual ResultCode SetCapability(const wchar_t* sid) OVERRIDE; 56 virtual ResultCode SetCapability(const wchar_t* sid) OVERRIDE;
55 virtual ResultCode SetProcessMitigations(MitigationFlags flags) OVERRIDE; 57 virtual ResultCode SetProcessMitigations(MitigationFlags flags) OVERRIDE;
(...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after
117 // The policy takes ownership of them. 119 // The policy takes ownership of them.
118 typedef std::list<TargetProcess*> TargetSet; 120 typedef std::list<TargetProcess*> TargetSet;
119 TargetSet targets_; 121 TargetSet targets_;
120 // Standard object-lifetime reference counter. 122 // Standard object-lifetime reference counter.
121 volatile LONG ref_count; 123 volatile LONG ref_count;
122 // The user-defined global policy settings. 124 // The user-defined global policy settings.
123 TokenLevel lockdown_level_; 125 TokenLevel lockdown_level_;
124 TokenLevel initial_level_; 126 TokenLevel initial_level_;
125 JobLevel job_level_; 127 JobLevel job_level_;
126 uint32 ui_exceptions_; 128 uint32 ui_exceptions_;
129 size_t process_memory_limit_;
130 bool terminate_on_memory_limit_;
127 bool use_alternate_desktop_; 131 bool use_alternate_desktop_;
128 bool use_alternate_winstation_; 132 bool use_alternate_winstation_;
129 // Helps the file system policy initialization. 133 // Helps the file system policy initialization.
130 bool file_system_init_; 134 bool file_system_init_;
131 bool relaxed_interceptions_; 135 bool relaxed_interceptions_;
132 HANDLE stdout_handle_; 136 HANDLE stdout_handle_;
133 HANDLE stderr_handle_; 137 HANDLE stderr_handle_;
134 IntegrityLevel integrity_level_; 138 IntegrityLevel integrity_level_;
135 IntegrityLevel delayed_integrity_level_; 139 IntegrityLevel delayed_integrity_level_;
136 MitigationFlags mitigations_; 140 MitigationFlags mitigations_;
(...skipping 15 matching lines...) Expand all
152 156
153 static HDESK alternate_desktop_handle_; 157 static HDESK alternate_desktop_handle_;
154 static HWINSTA alternate_winstation_handle_; 158 static HWINSTA alternate_winstation_handle_;
155 159
156 DISALLOW_COPY_AND_ASSIGN(PolicyBase); 160 DISALLOW_COPY_AND_ASSIGN(PolicyBase);
157 }; 161 };
158 162
159 } // namespace sandbox 163 } // namespace sandbox
160 164
161 #endif // SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_ 165 #endif // SANDBOX_WIN_SRC_SANDBOX_POLICY_BASE_H_
OLDNEW
« sandbox/win/src/sandbox_policy.h ('K') | « sandbox/win/src/sandbox_policy.h ('k') | sandbox/win/src/sandbox_policy_base.cc » ('j') | sandbox/win/src/sandbox_policy_base.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698