michael@0: // Copyright (c) 2006-2010 The Chromium Authors. All rights reserved. michael@0: // Use of this source code is governed by a BSD-style license that can be michael@0: // found in the LICENSE file. michael@0: michael@0: #ifndef SANDBOX_SRC_PROCESS_THREAD_POLICY_H_ michael@0: #define SANDBOX_SRC_PROCESS_THREAD_POLICY_H_ michael@0: michael@0: #include michael@0: michael@0: #include "sandbox/win/src/policy_low_level.h" michael@0: michael@0: #include "base/basictypes.h" michael@0: #include "sandbox/win/src/crosscall_server.h" michael@0: #include "sandbox/win/src/sandbox_policy.h" michael@0: michael@0: namespace sandbox { michael@0: michael@0: enum EvalResult; michael@0: michael@0: // This class centralizes most of the knowledge related to process execution. michael@0: class ProcessPolicy { michael@0: public: michael@0: // Creates the required low-level policy rules to evaluate a high-level. michael@0: // policy rule for process creation michael@0: // 'name' is the executable to be spawn. michael@0: // 'semantics' is the desired semantics. michael@0: // 'policy' is the policy generator to which the rules are going to be added. michael@0: static bool GenerateRules(const wchar_t* name, michael@0: TargetPolicy::Semantics semantics, michael@0: LowLevelPolicy* policy); michael@0: michael@0: // Opens a thread from the child process and returns the handle. michael@0: // client_info contains the information about the child process, michael@0: // desired_access is the access requested by the child and thread_id michael@0: // is the thread_id to be opened. michael@0: // The function returns the return value of NtOpenThread. michael@0: static NTSTATUS OpenThreadAction(const ClientInfo& client_info, michael@0: uint32 desired_access, michael@0: uint32 thread_id, michael@0: HANDLE* handle); michael@0: michael@0: // Opens the process id passed in and returns the duplicated handle to michael@0: // the child. We only allow the child processes to open themselves. Any other michael@0: // pid open is denied. michael@0: static NTSTATUS OpenProcessAction(const ClientInfo& client_info, michael@0: uint32 desired_access, michael@0: uint32 process_id, michael@0: HANDLE* handle); michael@0: michael@0: // Opens the token associated with the process and returns the duplicated michael@0: // handle to the child. We only allow the child processes to open his own michael@0: // token (using ::GetCurrentProcess()). michael@0: static NTSTATUS OpenProcessTokenAction(const ClientInfo& client_info, michael@0: HANDLE process, michael@0: uint32 desired_access, michael@0: HANDLE* handle); michael@0: michael@0: // Opens the token associated with the process and returns the duplicated michael@0: // handle to the child. We only allow the child processes to open his own michael@0: // token (using ::GetCurrentProcess()). michael@0: static NTSTATUS OpenProcessTokenExAction(const ClientInfo& client_info, michael@0: HANDLE process, michael@0: uint32 desired_access, michael@0: uint32 attributes, michael@0: HANDLE* handle); michael@0: michael@0: // Processes a 'CreateProcessW()' request from the target. michael@0: // 'client_info' : the target process that is making the request. michael@0: // 'eval_result' : The desired policy action to accomplish. michael@0: // 'app_name' : The full path of the process to be created. michael@0: // 'command_line' : The command line passed to the created process. michael@0: static DWORD CreateProcessWAction(EvalResult eval_result, michael@0: const ClientInfo& client_info, michael@0: const std::wstring &app_name, michael@0: const std::wstring &command_line, michael@0: PROCESS_INFORMATION* process_info); michael@0: }; michael@0: michael@0: } // namespace sandbox michael@0: michael@0: michael@0: #endif // SANDBOX_SRC_PROCESS_THREAD_POLICY_H_