sandbox/win/src/process_thread_interception.h

   1 // Copyright (c) 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "sandbox/win/src/nt_internals.h"
   6 #include "sandbox/win/src/sandbox_types.h"
   7
   8 #ifndef SANDBOX_SRC_PROCESS_THREAD_INTERCEPTION_H__
   9 #define SANDBOX_SRC_PROCESS_THREAD_INTERCEPTION_H__
  10
  11 namespace sandbox {
  12
  13 extern "C" {
  14
  15 typedef BOOL (WINAPI *CreateProcessWFunction)(
  16     LPCWSTR lpApplicationName,
  17     LPWSTR lpCommandLine,
  18     LPSECURITY_ATTRIBUTES lpProcessAttributes,
  19     LPSECURITY_ATTRIBUTES lpThreadAttributes,
  20     BOOL bInheritHandles,
  21     DWORD dwCreationFlags,
  22     LPVOID lpEnvironment,
  23     LPCWSTR lpCurrentDirectory,
  24     LPSTARTUPINFOW lpStartupInfo,
  25     LPPROCESS_INFORMATION lpProcessInformation);
  26
  27 typedef BOOL (WINAPI *CreateProcessAFunction)(
  28     LPCSTR lpApplicationName,
  29     LPSTR lpCommandLine,
  30     LPSECURITY_ATTRIBUTES lpProcessAttributes,
  31     LPSECURITY_ATTRIBUTES lpThreadAttributes,
  32     BOOL bInheritHandles,
  33     DWORD dwCreationFlags,
  34     LPVOID lpEnvironment,
  35     LPCSTR lpCurrentDirectory,
  36     LPSTARTUPINFOA lpStartupInfo,
  37     LPPROCESS_INFORMATION lpProcessInformation);
  38
  39 typedef HANDLE (WINAPI *CreateThreadFunction)(
  40     LPSECURITY_ATTRIBUTES lpThreadAttributes,
  41     SIZE_T dwStackSize,
  42     LPTHREAD_START_ROUTINE lpStartAddress,
  43     PVOID lpParameter,
  44     DWORD dwCreationFlags,
  45     LPDWORD lpThreadId);
  46
  47 typedef LCID (WINAPI *GetUserDefaultLCIDFunction)();
  48
  49 // Interception of NtOpenThread on the child process.
  50 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenThread(
  51     NtOpenThreadFunction orig_OpenThread, PHANDLE thread,
  52     ACCESS_MASK desired_access, POBJECT_ATTRIBUTES object_attributes,
  53     PCLIENT_ID client_id);
  54
  55 // Interception of NtOpenProcess on the child process.
  56 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcess(
  57     NtOpenProcessFunction orig_OpenProcess, PHANDLE process,
  58     ACCESS_MASK desired_access, POBJECT_ATTRIBUTES object_attributes,
  59     PCLIENT_ID client_id);
  60
  61 // Interception of NtOpenProcessToken on the child process.
  62 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcessToken(
  63     NtOpenProcessTokenFunction orig_OpenProcessToken, HANDLE process,
  64     ACCESS_MASK desired_access, PHANDLE token);
  65
  66 // Interception of NtOpenProcessTokenEx on the child process.
  67 SANDBOX_INTERCEPT NTSTATUS WINAPI TargetNtOpenProcessTokenEx(
  68     NtOpenProcessTokenExFunction orig_OpenProcessTokenEx, HANDLE process,
  69     ACCESS_MASK desired_access, ULONG handle_attributes, PHANDLE token);
  70
  71 // Interception of CreateProcessW and A in kernel32.dll.
  72 SANDBOX_INTERCEPT BOOL WINAPI TargetCreateProcessW(
  73     CreateProcessWFunction orig_CreateProcessW, LPCWSTR application_name,
  74     LPWSTR command_line, LPSECURITY_ATTRIBUTES process_attributes,
  75     LPSECURITY_ATTRIBUTES thread_attributes, BOOL inherit_handles, DWORD flags,
  76     LPVOID environment, LPCWSTR current_directory, LPSTARTUPINFOW startup_info,
  77     LPPROCESS_INFORMATION process_information);
  78
  79 SANDBOX_INTERCEPT BOOL WINAPI TargetCreateProcessA(
  80     CreateProcessAFunction orig_CreateProcessA, LPCSTR application_name,
  81     LPSTR command_line, LPSECURITY_ATTRIBUTES process_attributes,
  82     LPSECURITY_ATTRIBUTES thread_attributes, BOOL inherit_handles, DWORD flags,
  83     LPVOID environment, LPCSTR current_directory, LPSTARTUPINFOA startup_info,
  84     LPPROCESS_INFORMATION process_information);
  85
  86 }  // extern "C"
  87
  88 }  // namespace sandbox
  89
  90 #endif  // SANDBOX_SRC_PROCESS_THREAD_INTERCEPTION_H__