1// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef SANDBOX_SRC_SYNC_POLICY_H__ 6#define SANDBOX_SRC_SYNC_POLICY_H__ 7 8#include <string> 9 10#include "base/basictypes.h" 11#include "base/strings/string16.h" 12#include "sandbox/win/src/crosscall_server.h" 13#include "sandbox/win/src/nt_internals.h" 14#include "sandbox/win/src/policy_low_level.h" 15#include "sandbox/win/src/sandbox_policy.h" 16 17namespace sandbox { 18 19enum EvalResult; 20 21// This class centralizes most of the knowledge related to sync policy 22class SyncPolicy { 23 public: 24 // Creates the required low-level policy rules to evaluate a high-level 25 // policy rule for sync calls, in particular open or create actions. 26 // name is the sync object name, semantics is the desired semantics for the 27 // open or create and policy is the policy generator to which the rules are 28 // going to be added. 29 static bool GenerateRules(const wchar_t* name, 30 TargetPolicy::Semantics semantics, 31 LowLevelPolicy* policy); 32 33 // Performs the desired policy action on a request. 34 // client_info is the target process that is making the request and 35 // eval_result is the desired policy action to accomplish. 36 static NTSTATUS CreateEventAction(EvalResult eval_result, 37 const ClientInfo& client_info, 38 const base::string16 &event_name, 39 uint32 event_type, 40 uint32 initial_state, 41 HANDLE *handle); 42 static NTSTATUS OpenEventAction(EvalResult eval_result, 43 const ClientInfo& client_info, 44 const base::string16 &event_name, 45 uint32 desired_access, 46 HANDLE *handle); 47}; 48 49} // namespace sandbox 50 51#endif // SANDBOX_SRC_SYNC_POLICY_H__ 52