search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Mandoline: support IME for HTMLWidgetRootLocal & HTMLWidgetLocalRoot.
[chromium-blink-merge.git] / sandbox / win / src / job.cc
blob9c854e57ef4dc88cc2f878a775a0f57fb32ed1b7
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "sandbox/win/src/job.h"
6
7 #include "base/win/windows_version.h"
8 #include "sandbox/win/src/restricted_token.h"
9
10 namespace sandbox {
11
12 Job::Job() : job_handle_(NULL) {
13 };
14
15 Job::~Job() {
16 };
17
18 DWORD Job::Init(JobLevel security_level,
19 const wchar_t* job_name,
20 DWORD ui_exceptions,
21 size_t memory_limit) {
22 if (job_handle_.IsValid())
23 return ERROR_ALREADY_INITIALIZED;
24
25 job_handle_.Set(::CreateJobObject(NULL, // No security attribute
26 job_name));
27 if (!job_handle_.IsValid())
28 return ::GetLastError();
29
30 JOBOBJECT_EXTENDED_LIMIT_INFORMATION jeli = {};
31 JOBOBJECT_BASIC_UI_RESTRICTIONS jbur = {};
32
33 // Set the settings for the different security levels. Note: The higher levels
34 // inherit from the lower levels.
35 switch (security_level) {
36 case JOB_LOCKDOWN: {
37 jeli.BasicLimitInformation.LimitFlags |=
38 JOB_OBJECT_LIMIT_DIE_ON_UNHANDLED_EXCEPTION;
39 }
40 case JOB_RESTRICTED: {
41 jbur.UIRestrictionsClass |= JOB_OBJECT_UILIMIT_WRITECLIPBOARD;
42 jbur.UIRestrictionsClass |= JOB_OBJECT_UILIMIT_READCLIPBOARD;
43 jbur.UIRestrictionsClass |= JOB_OBJECT_UILIMIT_HANDLES;
44 jbur.UIRestrictionsClass |= JOB_OBJECT_UILIMIT_GLOBALATOMS;
45 }
46 case JOB_LIMITED_USER: {
47 jbur.UIRestrictionsClass |= JOB_OBJECT_UILIMIT_DISPLAYSETTINGS;
48 jeli.BasicLimitInformation.LimitFlags |= JOB_OBJECT_LIMIT_ACTIVE_PROCESS;
49 jeli.BasicLimitInformation.ActiveProcessLimit = 1;
50 }
51 case JOB_INTERACTIVE: {
52 jbur.UIRestrictionsClass |= JOB_OBJECT_UILIMIT_SYSTEMPARAMETERS;
53 jbur.UIRestrictionsClass |= JOB_OBJECT_UILIMIT_DESKTOP;
54 jbur.UIRestrictionsClass |= JOB_OBJECT_UILIMIT_EXITWINDOWS;
55 }
56 case JOB_UNPROTECTED: {
57 if (memory_limit) {
58 jeli.BasicLimitInformation.LimitFlags |=
59 JOB_OBJECT_LIMIT_PROCESS_MEMORY;
60 jeli.ProcessMemoryLimit = memory_limit;
61 }
62
63 jeli.BasicLimitInformation.LimitFlags |=
64 JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE;
65 break;
66 }
67 default: {
68 return ERROR_BAD_ARGUMENTS;
69 }
70 }
71
72 if (FALSE == ::SetInformationJobObject(job_handle_.Get(),
73 JobObjectExtendedLimitInformation,
74 &jeli,
75 sizeof(jeli))) {
76 return ::GetLastError();
77 }
78
79 jbur.UIRestrictionsClass = jbur.UIRestrictionsClass & (~ui_exceptions);
80 if (FALSE == ::SetInformationJobObject(job_handle_.Get(),
81 JobObjectBasicUIRestrictions,
82 &jbur,
83 sizeof(jbur))) {
84 return ::GetLastError();
85 }
86
87 return ERROR_SUCCESS;
88 }
89
90 DWORD Job::UserHandleGrantAccess(HANDLE handle) {
91 if (!job_handle_.IsValid())
92 return ERROR_NO_DATA;
93
94 if (!::UserHandleGrantAccess(handle,
95 job_handle_.Get(),
96 TRUE)) { // Access allowed.
97 return ::GetLastError();
98 }
99
100 return ERROR_SUCCESS;
101 }
102
103 base::win::ScopedHandle Job::Take() {
104 return job_handle_.Pass();
105 }
106
107 DWORD Job::AssignProcessToJob(HANDLE process_handle) {
108 if (!job_handle_.IsValid())
109 return ERROR_NO_DATA;
110
111 if (FALSE == ::AssignProcessToJobObject(job_handle_.Get(), process_handle))
112 return ::GetLastError();
113
114 return ERROR_SUCCESS;
115 }
116
117 } // namespace sandbox