// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

// Public entry points for bringing up the process sandbox. Which declarations
// are available depends on the target platform (OS_WIN vs. OS_MACOSX); on
// other platforms this header only provides the forward declarations below.

#ifndef CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_
#define CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_

#include "base/process.h"
#include "build/build_config.h"
#include "content/common/content_export.h"

class CommandLine;

namespace base {
class FilePath;
}

namespace sandbox {
struct SandboxInterfaceInfo;
}

namespace content {
class SandboxedProcessLauncherDelegate;

#if defined(OS_WIN)

// Initialize the sandbox for renderer, gpu, utility, worker, nacl, and plug-in
// processes, depending on the command line flags. Although the browser process
// is not sandboxed, this also needs to be called because it will initialize
// the broker code.
// |sandbox_info| carries the broker/target interface handed over by the
// sandbox library.
// Returns true if the sandbox was initialized successfully, false if an error
// occurred. If the process type (taken from the command line) isn't one that
// needs sandboxing, true is always returned.
CONTENT_EXPORT bool InitializeSandbox(
    sandbox::SandboxInterfaceInfo* sandbox_info);

// This is a restricted version of Windows' DuplicateHandle() function
// that works inside the sandbox and can send handles but not retrieve
// them. Unlike DuplicateHandle(), it takes a process ID rather than
// a process handle. It returns true on success, false otherwise.
// |source_handle| is a handle owned by the calling process; on success
// |*target_handle| receives the value of the duplicate as seen by the process
// |target_process_id|. |desired_access| and |options| presumably mirror the
// corresponding DuplicateHandle() parameters.
// NOTE(review): the "send but not retrieve" restriction is what keeps a
// sandboxed caller from pulling handles out of other processes; callers
// should not assume any looser semantics than DuplicateHandle() itself.
CONTENT_EXPORT bool BrokerDuplicateHandle(HANDLE source_handle,
                                          DWORD target_process_id,
                                          HANDLE* target_handle,
                                          DWORD desired_access,
                                          DWORD options);

// Inform the current process's sandbox broker (e.g. the broker for
// 32-bit processes) about a process created under a different sandbox
// broker (e.g. the broker for 64-bit processes). This allows
// BrokerDuplicateHandle() to send handles to a process managed by
// another broker. For example, it allows the 32-bit renderer to send
// handles to 64-bit NaCl processes. This returns true on success,
// false otherwise.
// NOTE(review): registering a peer widens the set of processes that handles
// may be duplicated into; only pass processes that were launched under the
// other broker (i.e. are themselves sandbox targets) — confirm against callers.
CONTENT_EXPORT bool BrokerAddTargetPeer(HANDLE peer_process);

// Launch a sandboxed process. |delegate| may be NULL. If |delegate| is non-NULL
// then it just has to outlive this method call.
// |cmd_line| is the command line of the process to launch. Returns the handle
// of the launched process; the value returned on failure is not documented
// here — confirm against the implementation.
CONTENT_EXPORT base::ProcessHandle StartSandboxedProcess(
    SandboxedProcessLauncherDelegate* delegate,
    CommandLine* cmd_line);

#elif defined(OS_MACOSX)

// Initialize the sandbox of the given |sandbox_type|, optionally specifying a
// directory to allow access to. Note specifying a directory needs to be
// supported by the sandbox profile associated with the given |sandbox_type|.
// Valid values for |sandbox_type| are defined either by the enum SandboxType,
// or by ContentClient::GetSandboxProfileForSandboxType().
//
// If the |sandbox_type| isn't one of the ones defined by content then the
// embedder is queried using ContentClient::GetSandboxPolicyForSandboxType().
// The embedder can use values for |sandbox_type| starting from
// sandbox::SANDBOX_PROCESS_TYPE_AFTER_LAST_TYPE.
// NOTE(review): the two ContentClient method names above differ
// (...Profile... vs ...Policy...); confirm which one is the actual embedder
// hook and make the comment consistent.
//
// |allowed_path| grants the sandboxed process access to that directory, so it
// should be as narrow as the process actually needs.
//
// Returns true if the sandbox was initialized successfully, false if an error
// occurred. If process_type isn't one that needs sandboxing, no action is
// taken and true is always returned.
CONTENT_EXPORT bool InitializeSandbox(int sandbox_type,
                                      const base::FilePath& allowed_path);

#endif

}  // namespace content

#endif  // CONTENT_PUBLIC_COMMON_SANDBOX_INIT_H_