1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/security/sandbox/win/src/filesystem_policy.h Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,107 @@
1.4 +// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
1.5 +// Use of this source code is governed by a BSD-style license that can be
1.6 +// found in the LICENSE file.
1.7 +
1.8 +#ifndef SANDBOX_SRC_FILESYSTEM_POLICY_H__
1.9 +#define SANDBOX_SRC_FILESYSTEM_POLICY_H__
1.10 +
1.11 +#include <string>
1.12 +
1.13 +#include "base/basictypes.h"
1.14 +#include "sandbox/win/src/crosscall_server.h"
1.15 +#include "sandbox/win/src/nt_internals.h"
1.16 +#include "sandbox/win/src/policy_low_level.h"
1.17 +#include "sandbox/win/src/sandbox_policy.h"
1.18 +
1.19 +namespace sandbox {
1.20 +
1.21 +enum EvalResult;
1.22 +
1.23 +// This class centralizes most of the knowledge related to file system policy
1.24 +class FileSystemPolicy {
1.25 + public:
1.26 + // Creates the required low-level policy rules to evaluate a high-level
1.27 + // policy rule for File IO, in particular open or create actions.
1.28 + // 'name' is the file or directory name.
1.29 + // 'semantics' is the desired semantics for the open or create.
1.30 + // 'policy' is the policy generator to which the rules are going to be added.
1.31 + static bool GenerateRules(const wchar_t* name,
1.32 + TargetPolicy::Semantics semantics,
1.33 + LowLevelPolicy* policy);
1.34 +
1.35 + // Add basic file system rules.
1.36 + static bool SetInitialRules(LowLevelPolicy* policy);
1.37 +
1.38 + // Performs the desired policy action on a create request with an
1.39 + // API that is compatible with the IPC-received parameters.
1.40 + // 'client_info' : the target process that is making the request.
1.41 + // 'eval_result' : The desired policy action to accomplish.
1.42 + // 'file' : The target file or directory.
1.43 + static bool CreateFileAction(EvalResult eval_result,
1.44 + const ClientInfo& client_info,
1.45 + const std::wstring &file,
1.46 + uint32 attributes,
1.47 + uint32 desired_access,
1.48 + uint32 file_attributes,
1.49 + uint32 share_access,
1.50 + uint32 create_disposition,
1.51 + uint32 create_options,
1.52 + HANDLE* handle,
1.53 + NTSTATUS* nt_status,
1.54 + ULONG_PTR* io_information);
1.55 +
1.56 + // Performs the desired policy action on an open request with an
1.57 + // API that is compatible with the IPC-received parameters.
1.58 + // 'client_info' : the target process that is making the request.
1.59 + // 'eval_result' : The desired policy action to accomplish.
1.60 + // 'file' : The target file or directory.
1.61 + static bool OpenFileAction(EvalResult eval_result,
1.62 + const ClientInfo& client_info,
1.63 + const std::wstring &file,
1.64 + uint32 attributes,
1.65 + uint32 desired_access,
1.66 + uint32 share_access,
1.67 + uint32 open_options,
1.68 + HANDLE* handle,
1.69 + NTSTATUS* nt_status,
1.70 + ULONG_PTR* io_information);
1.71 +
1.72 + // Performs the desired policy action on a query request with an
1.73 + // API that is compatible with the IPC-received parameters.
1.74 + static bool QueryAttributesFileAction(EvalResult eval_result,
1.75 + const ClientInfo& client_info,
1.76 + const std::wstring &file,
1.77 + uint32 attributes,
1.78 + FILE_BASIC_INFORMATION* file_info,
1.79 + NTSTATUS* nt_status);
1.80 +
1.81 + // Performs the desired policy action on a query request with an
1.82 + // API that is compatible with the IPC-received parameters.
1.83 + static bool QueryFullAttributesFileAction(
1.84 + EvalResult eval_result,
1.85 + const ClientInfo& client_info,
1.86 + const std::wstring &file,
1.87 + uint32 attributes,
1.88 + FILE_NETWORK_OPEN_INFORMATION* file_info,
1.89 + NTSTATUS* nt_status);
1.90 +
1.91 + // Performs the desired policy action on a set_info request with an
1.92 + // API that is compatible with the IPC-received parameters.
1.93 + static bool SetInformationFileAction(EvalResult eval_result,
1.94 + const ClientInfo& client_info,
1.95 + HANDLE target_file_handle,
1.96 + void* file_info,
1.97 + uint32 length,
1.98 + uint32 info_class,
1.99 + IO_STATUS_BLOCK* io_block,
1.100 + NTSTATUS* nt_status);
1.101 +};
1.102 +
1.103 +// Expands the path and check if it's a reparse point. Returns false if
1.104 +// we cannot determine or if there is an unexpected error. In that case
1.105 +// the path cannot be trusted.
1.106 +bool PreProcessName(const std::wstring& path, std::wstring* new_path);
1.107 +
1.108 +} // namespace sandbox
1.109 +
1.110 +#endif // SANDBOX_SRC_FILESYSTEM_POLICY_H__
