/external/chromium_org/content/common/sandbox_linux/ |
H A D | sandbox_seccomp_bpf_linux.h | 13 namespace sandbox { namespace 21 // This class has two main sets of APIs. One can be used to start the sandbox 26 // This is the API to enable a seccomp-bpf sandbox for content/ 28 // Is the sandbox globally enabled, can anything use it at all ? 29 // This looks at global command line flags to see if the sandbox 32 // Should the sandbox be enabled for process_type ? 34 // Check if the kernel supports this sandbox. It's useful to "prewarm" 37 // Start the sandbox and apply the policy for process_type, depending on 41 // This is the API to enable a seccomp-bpf sandbox by using an 44 scoped_ptr<sandbox [all...] |
H A D | sandbox_bpf_base_policy_linux.cc | 10 #include "sandbox/linux/seccomp-bpf-helpers/baseline_policy.h" 12 using sandbox::bpf_dsl::ResultExpr; 24 : baseline_policy_(new sandbox::BaselinePolicy(kFSDeniedErrno)) {}
|
H A D | sandbox_seccomp_bpf_linux.cc | 18 #include "sandbox/linux/bpf_dsl/bpf_dsl.h" 30 #include "sandbox/linux/seccomp-bpf-helpers/baseline_policy.h" 31 #include "sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.h" 32 #include "sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.h" 33 #include "sandbox/linux/seccomp-bpf-helpers/syscall_sets.h" 34 #include "sandbox/linux/seccomp-bpf/sandbox_bpf.h" 35 #include "sandbox/linux/services/linux_syscalls.h" 37 using sandbox::BaselinePolicy; 38 using sandbox::SandboxBPF; 39 using sandbox 149 SandboxBPF sandbox; local [all...] |
/external/chromium_org/sandbox/linux/tests/ |
H A D | sandbox_test_runner_function_pointer.cc | 5 #include "sandbox/linux/tests/sandbox_test_runner_function_pointer.h" 10 namespace sandbox { namespace 25 } // namespace sandbox
|
H A D | test_utils.h | 10 namespace sandbox { namespace 21 } // namespace sandbox
|
H A D | sandbox_test_runner.h | 10 namespace sandbox { namespace 28 } // namespace sandbox
|
H A D | scoped_temporary_file.h | 10 namespace sandbox { namespace 28 } // namespace sandbox
|
H A D | main.cc | 8 #include "sandbox/linux/tests/test_utils.h" 9 #include "sandbox/linux/tests/unit_tests.h" 12 namespace sandbox { namespace 24 } // namespace sandbox 53 sandbox::RunPostTestsChecks();
|
/external/chromium_org/sandbox/mac/ |
H A D | xpc.h | 16 #include "sandbox/sandbox_export.h" 19 #include "sandbox/mac/xpc_stubs_header.fragment" 25 #include "sandbox/mac/xpc_stubs.h" 29 #include "sandbox/mac/xpc_stubs.sig" 31 #include "sandbox/mac/xpc_private_stubs.sig" 38 #include "sandbox/mac/xpc_private_stubs.sig" 43 namespace sandbox { namespace 48 } // namespace sandbox
|
/external/chromium_org/sandbox/win/src/ |
H A D | policy_broker.h | 8 #include "sandbox/win/src/interception.h" 10 namespace sandbox { namespace 21 } // namespace sandbox
|
H A D | sandbox_factory.h | 8 #include "sandbox/win/src/sandbox.h" 33 namespace sandbox { namespace 48 } // namespace sandbox
|
H A D | handle_closer_agent.h | 10 #include "sandbox/win/src/handle_closer.h" 11 #include "sandbox/win/src/sandbox_types.h" 13 namespace sandbox { namespace 35 } // namespace sandbox
|
H A D | handle_interception.h | 5 #include "sandbox/win/src/nt_internals.h" 6 #include "sandbox/win/src/sandbox_types.h" 11 namespace sandbox { namespace 21 } // namespace sandbox
|
H A D | process_mitigations_win32k_policy.h | 9 #include "sandbox/win/src/crosscall_server.h" 10 #include "sandbox/win/src/policy_low_level.h" 11 #include "sandbox/win/src/sandbox_policy.h" 13 namespace sandbox { namespace 31 } // namespace sandbox
|
H A D | sandbox_utils.h | 13 #include "sandbox/win/src/nt_internals.h" 15 namespace sandbox { namespace 23 } // namespace sandbox
|
H A D | process_mitigations_win32k_dispatcher.cc | 5 #include "sandbox/win/src/process_mitigations_win32k_dispatcher.h" 6 #include "sandbox/win/src/interception.h" 7 #include "sandbox/win/src/interceptors.h" 8 #include "sandbox/win/src/ipc_tags.h" 9 #include "sandbox/win/src/process_mitigations_win32k_interception.h" 11 namespace sandbox { namespace 21 sandbox::MITIGATION_WIN32K_DISABLE)) { 56 } // namespace sandbox
|
H A D | sandbox.cc | 7 #include "sandbox/win/src/sandbox.h" 8 #include "sandbox/win/src/sandbox_factory.h" 9 #include "sandbox/win/src/broker_services.h" 10 #include "sandbox/win/src/target_services.h" 12 namespace sandbox { namespace 43 } // namespace sandbox 47 return sandbox::g_shared_section != NULL;
|
/external/chromium_org/content/common/ |
H A D | sandbox_win.cc | 29 #include "sandbox/win/src/process_mitigations.h" 30 #include "sandbox/win/src/sandbox.h" 31 #include "sandbox/win/src/sandbox_nt_util.h" 32 #include "sandbox/win/src/win_utils.h" 35 static sandbox::BrokerServices* g_broker_services = NULL; 36 static sandbox::TargetServices* g_target_services = NULL; 117 sandbox::TargetPolicy::Semantics access, 118 sandbox::TargetPolicy* policy) { 126 sandbox [all...] |
/external/chromium_org/sandbox/win/tools/launcher/ |
H A D | launcher.cc | 5 #include "sandbox/win/src/restricted_token_utils.h" 27 sandbox::TokenLevel* level) { 29 *level = sandbox::USER_LOCKDOWN; 31 *level = sandbox::USER_RESTRICTED; 33 *level = sandbox::USER_LIMITED; 35 *level = sandbox::USER_INTERACTIVE; 37 *level = sandbox::USER_NON_ADMIN; 39 *level = sandbox::USER_RESTRICTED_SAME_ACCESS; 41 *level = sandbox::USER_UNPROTECTED; 49 bool GetJobLevelFromString(const wchar_t *param, sandbox [all...] |
/external/chromium_org/content/public/common/ |
H A D | sandbox_init.h | 18 namespace sandbox { namespace 30 // Initialize the sandbox for renderer, gpu, utility, worker, nacl, and plug-in 34 // Returns true if the sandbox was initialized succesfully, false if an error 38 sandbox::SandboxInterfaceInfo* sandbox_info); 41 // that works inside the sandbox and can send handles but not retrieve 50 // Inform the current process's sandbox broker (e.g. the broker for 51 // 32-bit processes) about a process created under a different sandbox 67 // Initialize the sandbox of the given |sandbox_type|, optionally specifying a 69 // supported by the sandbox profile associated with the given |sandbox_type|. 76 // sandbox [all...] |
/external/chromium_org/sandbox/linux/seccomp-bpf/ |
H A D | die.h | 9 #include "sandbox/sandbox_export.h" 11 namespace sandbox { namespace 15 #define SANDBOX_DIE(m) sandbox::Die::SandboxDie(m, __FILE__, __LINE__) 19 #define RAW_SANDBOX_DIE(m) sandbox::Die::RawSandboxDie(m) 22 #define SANDBOX_INFO(m) sandbox::Die::SandboxInfo(m, __FILE__, __LINE__) 26 // Terminate the program, even if the current sandbox policy prevents some 66 } // namespace sandbox
|
H A D | verifier.h | 16 namespace sandbox { namespace 30 static bool VerifyBPF(SandboxBPF* sandbox, 41 // is used for purposes other than verifying the output of the sandbox's 51 } // namespace sandbox
|
/external/chromium_org/sandbox/linux/suid/common/ |
H A D | sandbox.h | 9 namespace sandbox { namespace 13 // (e.g. Chrome) to construct a command line for the sandbox. 38 } // namespace sandbox
|
/external/chromium_org/components/nacl/loader/sandbox_linux/ |
H A D | nacl_sandbox_linux.h | 12 namespace sandbox { namespace 21 // layer-2 uses seccomp-bpf. It requires the layer-1 sandbox to not yet be 23 // For the layer-1 sandbox to work, the current process must be a child of 24 // the setuid sandbox. InitializeLayerOneSandbox() can only be called once 25 // per instance of the setuid sandbox. 42 // This API will only work if the layer-1 sandbox is not sealed and the 43 // layer-2 sandbox is not engaged. 48 // This API will only work if the layer-1 sandbox is not sealed and the 49 // layer-2 sandbox is not engaged. 51 // Will attempt to initialize the layer-1 sandbox, dependin [all...] |
H A D | nacl_bpf_sandbox_linux.cc | 21 #include "sandbox/linux/bpf_dsl/bpf_dsl.h" 22 #include "sandbox/linux/services/linux_syscalls.h" 32 using sandbox::bpf_dsl::Allow; 33 using sandbox::bpf_dsl::Error; 34 using sandbox::bpf_dsl::ResultExpr; 36 class NaClBPFSandboxPolicy : public sandbox::bpf_dsl::SandboxBPFDSLPolicy { 48 scoped_ptr<sandbox::bpf_dsl::SandboxBPFDSLPolicy> baseline_policy_; 118 // Without the sandbox on, this ptrace call would ESRCH instead. 133 scoped_ptr<sandbox::bpf_dsl::SandboxBPFDSLPolicy>(
|