1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef SANDBOX_WIN_SRC_SANDBOX_TYPES_H_
6#define SANDBOX_WIN_SRC_SANDBOX_TYPES_H_
7
8namespace sandbox {
9
10// Operation result codes returned by the sandbox API.
11enum ResultCode {
12  SBOX_ALL_OK = 0,
13  // Error is originating on the win32 layer. Call GetlastError() for more
14  // information.
15  SBOX_ERROR_GENERIC = 1,
16  // An invalid combination of parameters was given to the API.
17  SBOX_ERROR_BAD_PARAMS = 2,
18  // The desired operation is not supported at this time.
19  SBOX_ERROR_UNSUPPORTED = 3,
20  // The request requires more memory that allocated or available.
21  SBOX_ERROR_NO_SPACE = 4,
22  // The ipc service requested does not exist.
23  SBOX_ERROR_INVALID_IPC = 5,
24  // The ipc service did not complete.
25  SBOX_ERROR_FAILED_IPC = 6,
26  // The requested handle was not found.
27  SBOX_ERROR_NO_HANDLE = 7,
28  // This function was not expected to be called at this time.
29  SBOX_ERROR_UNEXPECTED_CALL = 8,
30  // WaitForAllTargets is already called.
31  SBOX_ERROR_WAIT_ALREADY_CALLED = 9,
32  // A channel error prevented DoCall from executing.
33  SBOX_ERROR_CHANNEL_ERROR = 10,
34  // Failed to create the alternate desktop.
35  SBOX_ERROR_CANNOT_CREATE_DESKTOP = 11,
36  // Failed to create the alternate window station.
37  SBOX_ERROR_CANNOT_CREATE_WINSTATION = 12,
38  // Failed to switch back to the interactive window station.
39  SBOX_ERROR_FAILED_TO_SWITCH_BACK_WINSTATION = 13,
40  // The supplied AppContainer is not valid.
41  SBOX_ERROR_INVALID_APP_CONTAINER = 14,
42  // The supplied capability is not valid.
43  SBOX_ERROR_INVALID_CAPABILITY = 15,
44  // There is a failure initializing the AppContainer.
45  SBOX_ERROR_CANNOT_INIT_APPCONTAINER = 16,
46  // Initializing or updating ProcThreadAttributes failed.
47  SBOX_ERROR_PROC_THREAD_ATTRIBUTES = 17,
48  // Placeholder for last item of the enum.
49  SBOX_ERROR_LAST
50};
51
52// If the sandbox cannot create a secure environment for the target, the
53// target will be forcibly terminated. These are the process exit codes.
54enum TerminationCodes {
55  SBOX_FATAL_INTEGRITY = 7006,       // Could not set the integrity level.
56  SBOX_FATAL_DROPTOKEN = 7007,       // Could not lower the token.
57  SBOX_FATAL_FLUSHANDLES = 7008,     // Failed to flush registry handles.
58  SBOX_FATAL_CACHEDISABLE = 7009,    // Failed to forbid HCKU caching.
59  SBOX_FATAL_CLOSEHANDLES = 7010,    // Failed to close pending handles.
60  SBOX_FATAL_MITIGATION = 7011,      // Could not set the mitigation policy.
61  SBOX_FATAL_MEMORY_EXCEEDED = 7012, // Exceeded the job memory limit.
62  SBOX_FATAL_LAST
63};
64
65class BrokerServices;
66class TargetServices;
67
68// Contains the pointer to a target or broker service.
69struct SandboxInterfaceInfo {
70  BrokerServices* broker_services;
71  TargetServices* target_services;
72};
73
74#if SANDBOX_EXPORTS
75#define SANDBOX_INTERCEPT extern "C" __declspec(dllexport)
76#else
77#define SANDBOX_INTERCEPT extern "C"
78#endif
79
80enum InterceptionType {
81  INTERCEPTION_INVALID = 0,
82  INTERCEPTION_SERVICE_CALL,    // Trampoline of an NT native call
83  INTERCEPTION_EAT,
84  INTERCEPTION_SIDESTEP,        // Preamble patch
85  INTERCEPTION_SMART_SIDESTEP,  // Preamble patch but bypass internal calls
86  INTERCEPTION_UNLOAD_MODULE,   // Unload the module (don't patch)
87  INTERCEPTION_LAST             // Placeholder for last item in the enumeration
88};
89
90}  // namespace sandbox
91
92#endif  // SANDBOX_WIN_SRC_SANDBOX_TYPES_H_
93