1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/security/sandbox/win/src/policy_target.h Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,45 @@
1.4 +// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
1.5 +// Use of this source code is governed by a BSD-style license that can be
1.6 +// found in the LICENSE file.
1.7 +
1.8 +#include "sandbox/win/src/nt_internals.h"
1.9 +#include "sandbox/win/src/sandbox_types.h"
1.10 +
1.11 +#ifndef SANDBOX_SRC_POLICY_TARGET_H__
1.12 +#define SANDBOX_SRC_POLICY_TARGET_H__
1.13 +
1.14 +namespace sandbox {
1.15 +
1.16 +struct CountedParameterSetBase;
1.17 +
1.18 +// Performs a policy lookup and returns true if the request should be passed to
1.19 +// the broker process.
1.20 +bool QueryBroker(int ipc_id, CountedParameterSetBase* params);
1.21 +
1.22 +extern "C" {
1.23 +
1.24 +// Interception of NtSetInformationThread on the child process.
1.25 +// It should never be called directly.
1.26 +SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtSetInformationThread(
1.27 + NtSetInformationThreadFunction orig_SetInformationThread, HANDLE thread,
1.28 + NT_THREAD_INFORMATION_CLASS thread_info_class, PVOID thread_information,
1.29 + ULONG thread_information_bytes);
1.30 +
1.31 +// Interception of NtOpenThreadToken on the child process.
1.32 +// It should never be called directly
1.33 +SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenThreadToken(
1.34 + NtOpenThreadTokenFunction orig_OpenThreadToken, HANDLE thread,
1.35 + ACCESS_MASK desired_access, BOOLEAN open_as_self, PHANDLE token);
1.36 +
1.37 +// Interception of NtOpenThreadTokenEx on the child process.
1.38 +// It should never be called directly
1.39 +SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenThreadTokenEx(
1.40 + NtOpenThreadTokenExFunction orig_OpenThreadTokenEx, HANDLE thread,
1.41 + ACCESS_MASK desired_access, BOOLEAN open_as_self, ULONG handle_attributes,
1.42 + PHANDLE token);
1.43 +
1.44 +} // extern "C"
1.45 +
1.46 +} // namespace sandbox
1.47 +
1.48 +#endif // SANDBOX_SRC_POLICY_TARGET_H__
