1// Copyright (c) 2014 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "sandbox/win/src/nt_internals.h"
6#include "sandbox/win/src/sandbox_types.h"
7
8#ifndef SANDBOX_SRC_PROCESS_THREAD_INTERCEPTION_H__
9#define SANDBOX_SRC_PROCESS_THREAD_INTERCEPTION_H__
10
11namespace sandbox {
12
13extern "C" {
14
15typedef BOOL (WINAPI *CreateProcessWFunction)(
16    LPCWSTR lpApplicationName,
17    LPWSTR lpCommandLine,
18    LPSECURITY_ATTRIBUTES lpProcessAttributes,
19    LPSECURITY_ATTRIBUTES lpThreadAttributes,
20    BOOL bInheritHandles,
21    DWORD dwCreationFlags,
22    LPVOID lpEnvironment,
23    LPCWSTR lpCurrentDirectory,
24    LPSTARTUPINFOW lpStartupInfo,
25    LPPROCESS_INFORMATION lpProcessInformation);
26
27typedef BOOL (WINAPI *CreateProcessAFunction)(
28    LPCSTR lpApplicationName,
29    LPSTR lpCommandLine,
30    LPSECURITY_ATTRIBUTES lpProcessAttributes,
31    LPSECURITY_ATTRIBUTES lpThreadAttributes,
32    BOOL bInheritHandles,
33    DWORD dwCreationFlags,
34    LPVOID lpEnvironment,
35    LPCSTR lpCurrentDirectory,
36    LPSTARTUPINFOA lpStartupInfo,
37    LPPROCESS_INFORMATION lpProcessInformation);
38
39typedef HANDLE (WINAPI *CreateThreadFunction)(
40    LPSECURITY_ATTRIBUTES lpThreadAttributes,
41    SIZE_T dwStackSize,
42    LPTHREAD_START_ROUTINE lpStartAddress,
43    PVOID lpParameter,
44    DWORD dwCreationFlags,
45    LPDWORD lpThreadId);
46
47typedef LCID (WINAPI *GetUserDefaultLCIDFunction)();
48
49// Interception of NtOpenThread on the child process.
50SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenThread(
51    NtOpenThreadFunction orig_OpenThread, PHANDLE thread,
52    ACCESS_MASK desired_access, POBJECT_ATTRIBUTES object_attributes,
53    PCLIENT_ID client_id);
54
55// Interception of NtOpenProcess on the child process.
56SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcess(
57    NtOpenProcessFunction orig_OpenProcess, PHANDLE process,
58    ACCESS_MASK desired_access, POBJECT_ATTRIBUTES object_attributes,
59    PCLIENT_ID client_id);
60
61// Interception of NtOpenProcessToken on the child process.
62SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcessToken(
63    NtOpenProcessTokenFunction orig_OpenProcessToken, HANDLE process,
64    ACCESS_MASK desired_access, PHANDLE token);
65
66// Interception of NtOpenProcessTokenEx on the child process.
67SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcessTokenEx(
68    NtOpenProcessTokenExFunction orig_OpenProcessTokenEx, HANDLE process,
69    ACCESS_MASK desired_access, ULONG handle_attributes, PHANDLE token);
70
71// Interception of CreateProcessW and A in kernel32.dll.
72SANDBOX_INTERCEPT BOOL WINAPI TargetCreateProcessW(
73    CreateProcessWFunction orig_CreateProcessW, LPCWSTR application_name,
74    LPWSTR command_line, LPSECURITY_ATTRIBUTES process_attributes,
75    LPSECURITY_ATTRIBUTES thread_attributes, BOOL inherit_handles, DWORD flags,
76    LPVOID environment, LPCWSTR current_directory, LPSTARTUPINFOW startup_info,
77    LPPROCESS_INFORMATION process_information);
78
79SANDBOX_INTERCEPT BOOL WINAPI TargetCreateProcessA(
80    CreateProcessAFunction orig_CreateProcessA, LPCSTR application_name,
81    LPSTR command_line, LPSECURITY_ATTRIBUTES process_attributes,
82    LPSECURITY_ATTRIBUTES thread_attributes, BOOL inherit_handles, DWORD flags,
83    LPVOID environment, LPCSTR current_directory, LPSTARTUPINFOA startup_info,
84    LPPROCESS_INFORMATION process_information);
85
86}  // extern "C"
87
88}  // namespace sandbox
89
90#endif  // SANDBOX_SRC_PROCESS_THREAD_INTERCEPTION_H__
91