15821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Copyright (c) 2012 The Chromium Authors. All rights reserved. 25821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 35821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// found in the LICENSE file. 45821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 55821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#ifndef SANDBOX_WIN_SRC_SANDBOX_TYPES_H_ 65821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SANDBOX_WIN_SRC_SANDBOX_TYPES_H_ 75821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 85821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)namespace sandbox { 95821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 105821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Operation result codes returned by the sandbox API. 115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)enum ResultCode { 125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_ALL_OK = 0, 135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Error is originating on the win32 layer. Call GetlastError() for more 145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // information. 155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_ERROR_GENERIC = 1, 165821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // An invalid combination of parameters was given to the API. 175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_ERROR_BAD_PARAMS = 2, 185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The desired operation is not supported at this time. 195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_ERROR_UNSUPPORTED = 3, 205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The request requires more memory that allocated or available. 215821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_ERROR_NO_SPACE = 4, 225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The ipc service requested does not exist. 235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_ERROR_INVALID_IPC = 5, 245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The ipc service did not complete. 255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_ERROR_FAILED_IPC = 6, 265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The requested handle was not found. 275821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_ERROR_NO_HANDLE = 7, 285821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // This function was not expected to be called at this time. 295821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_ERROR_UNEXPECTED_CALL = 8, 305821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // WaitForAllTargets is already called. 315821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_ERROR_WAIT_ALREADY_CALLED = 9, 325821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // A channel error prevented DoCall from executing. 335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_ERROR_CHANNEL_ERROR = 10, 345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Failed to create the alternate desktop. 355821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_ERROR_CANNOT_CREATE_DESKTOP = 11, 365821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Failed to create the alternate window station. 375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_ERROR_CANNOT_CREATE_WINSTATION = 12, 385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Failed to switch back to the interactive window station. 395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_ERROR_FAILED_TO_SWITCH_BACK_WINSTATION = 13, 405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The supplied AppContainer is not valid. 415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_ERROR_INVALID_APP_CONTAINER = 14, 425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // The supplied capability is not valid. 435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_ERROR_INVALID_CAPABILITY = 15, 445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // There is a failure initializing the AppContainer. 455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_ERROR_CANNOT_INIT_APPCONTAINER = 16, 465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Initializing or updating ProcThreadAttributes failed. 475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_ERROR_PROC_THREAD_ATTRIBUTES = 17, 485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Placeholder for last item of the enum. 495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_ERROR_LAST 505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}; 515821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// If the sandbox cannot create a secure environment for the target, the 535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// target will be forcibly terminated. These are the process exit codes. 545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)enum TerminationCodes { 555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_FATAL_INTEGRITY = 7006, // Could not set the integrity level. 565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_FATAL_DROPTOKEN = 7007, // Could not lower the token. 575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_FATAL_FLUSHANDLES = 7008, // Failed to flush registry handles. 585821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_FATAL_CACHEDISABLE = 7009, // Failed to forbid HCKU caching. 595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_FATAL_CLOSEHANDLES = 7010, // Failed to close pending handles. 605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_FATAL_MITIGATION = 7011, // Could not set the mitigation policy. 61f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) SBOX_FATAL_MEMORY_EXCEEDED = 7012, // Exceeded the job memory limit. 625821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) SBOX_FATAL_LAST 635821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}; 645821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 655821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)class BrokerServices; 665821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)class TargetServices; 675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 685821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Contains the pointer to a target or broker service. 695821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)struct SandboxInterfaceInfo { 705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) BrokerServices* broker_services; 715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) TargetServices* target_services; 725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}; 735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#if SANDBOX_EXPORTS 755821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SANDBOX_INTERCEPT extern "C" __declspec(dllexport) 765821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#else 775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#define SANDBOX_INTERCEPT extern "C" 785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#endif 795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)enum InterceptionType { 815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) INTERCEPTION_INVALID = 0, 825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) INTERCEPTION_SERVICE_CALL, // Trampoline of an NT native call 835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) INTERCEPTION_EAT, 845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) INTERCEPTION_SIDESTEP, // Preamble patch 855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) INTERCEPTION_SMART_SIDESTEP, // Preamble patch but bypass internal calls 865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) INTERCEPTION_UNLOAD_MODULE, // Unload the module (don't patch) 875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) INTERCEPTION_LAST // Placeholder for last item in the enumeration 885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)}; 895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} // namespace sandbox 915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#endif // SANDBOX_WIN_SRC_SANDBOX_TYPES_H_ 93