sandbox/win/tests/common/controller.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef SANDBOX_WIN_TESTS_COMMON_CONTROLLER_H_
   6 #define SANDBOX_WIN_TESTS_COMMON_CONTROLLER_H_
   7
   8 #include <windows.h>
   9 #include <string>
  10
  11 #include "base/win/scoped_handle.h"
  12 #include "sandbox/win/src/sandbox.h"
  13
  14 namespace sandbox {
  15
  16 // See winerror.h for details.
  17 #define SEVERITY_INFO_FLAGS   0x40000000
  18 #define SEVERITY_ERROR_FLAGS  0xC0000000
  19 #define CUSTOMER_CODE         0x20000000
  20 #define SBOX_TESTS_FACILITY   0x05B10000
  21
  22 // All the possible error codes returned by the child process in
  23 // the sandbox.
  24 enum SboxTestResult {
  25   SBOX_TEST_FIRST_RESULT = CUSTOMER_CODE | SBOX_TESTS_FACILITY,
  26   SBOX_TEST_SUCCEEDED,
  27   SBOX_TEST_PING_OK,
  28   SBOX_TEST_FIRST_INFO = SBOX_TEST_FIRST_RESULT | SEVERITY_INFO_FLAGS,
  29   SBOX_TEST_DENIED,     // Access was denied.
  30   SBOX_TEST_NOT_FOUND,  // The resource was not found.
  31   SBOX_TEST_FIRST_ERROR = SBOX_TEST_FIRST_RESULT | SEVERITY_ERROR_FLAGS,
  32   SBOX_TEST_SECOND_ERROR,
  33   SBOX_TEST_THIRD_ERROR,
  34   SBOX_TEST_FOURTH_ERROR,
  35   SBOX_TEST_FIFTH_ERROR,
  36   SBOX_TEST_SIXTH_ERROR,
  37   SBOX_TEST_SEVENTH_ERROR,
  38   SBOX_TEST_INVALID_PARAMETER,
  39   SBOX_TEST_FAILED_TO_RUN_TEST,
  40   SBOX_TEST_FAILED_TO_EXECUTE_COMMAND,
  41   SBOX_TEST_TIMED_OUT,
  42   SBOX_TEST_FAILED,
  43   SBOX_TEST_LAST_RESULT
  44 };
  45
  46 inline bool IsSboxTestsResult(SboxTestResult result) {
  47   unsigned int code = static_cast<unsigned int>(result);
  48   unsigned int first = static_cast<unsigned int>(SBOX_TEST_FIRST_RESULT);
  49   unsigned int last = static_cast<unsigned int>(SBOX_TEST_LAST_RESULT);
  50   return (code > first) && (code < last);
  51 }
  52
  53 enum SboxTestsState {
  54   MIN_STATE = 1,
  55   BEFORE_INIT,
  56   BEFORE_REVERT,
  57   AFTER_REVERT,
  58   EVERY_STATE,
  59   MAX_STATE
  60 };
  61
  62 #define SBOX_TESTS_API __declspec(dllexport)
  63 #define SBOX_TESTS_COMMAND extern "C" SBOX_TESTS_API
  64
  65 extern "C" {
  66 typedef int (*CommandFunction)(int argc, wchar_t **argv);
  67 }
  68
  69 // Class to facilitate the launch of a test inside the sandbox.
  70 class TestRunner {
  71  public:
  72   TestRunner(JobLevel job_level, TokenLevel startup_token,
  73              TokenLevel main_token);
  74
  75   TestRunner();
  76
  77   ~TestRunner();
  78
  79   // Adds a rule to the policy. The parameters are the same as the AddRule
  80   // function in the sandbox.
  81   bool AddRule(TargetPolicy::SubSystem subsystem,
  82                TargetPolicy::Semantics semantics,
  83                const wchar_t* pattern);
  84
  85   // Adds a filesystem rules with the path of a file in system32. The function
  86   // appends "pattern" to "system32" and then call AddRule. Return true if the
  87   // function succeeds.
  88   bool AddRuleSys32(TargetPolicy::Semantics semantics, const wchar_t* pattern);
  89
  90   // Adds a filesystem rules to the policy. Returns true if the functions
  91   // succeeds.
  92   bool AddFsRule(TargetPolicy::Semantics semantics, const wchar_t* pattern);
  93
  94   // Starts a child process in the sandbox and ask it to run |command|. Returns
  95   // a SboxTestResult. By default, the test runs AFTER_REVERT.
  96   int RunTest(const wchar_t* command);
  97
  98   // Sets the timeout value for the child to run the command and return.
  99   void SetTimeout(DWORD timeout_ms);
 100
 101   // Sets TestRunner to return without waiting for the process to exit.
 102   void SetAsynchronous(bool is_async) { is_async_ = is_async; }
 103
 104   // Sets TestRunner to return without waiting for the process to exit.
 105   void SetUnsandboxed(bool is_no_sandbox) { no_sandbox_ = is_no_sandbox; }
 106
 107   // Sets the desired state for the test to run.
 108   void SetTestState(SboxTestsState desired_state);
 109
 110   // Sets a flag whether the process should be killed when the TestRunner is
 111   // destroyed.
 112   void SetKillOnDestruction(bool value) { kill_on_destruction_ = value; }
 113
 114   // Returns the pointers to the policy object. It can be used to modify
 115   // the policy manually.
 116   TargetPolicy* GetPolicy();
 117
 118   BrokerServices* broker() { return broker_; }
 119
 120   // Returns the process handle for an asynchronous test.
 121   HANDLE process() { return target_process_; }
 122
 123   // Returns the process ID for an asynchronous test.
 124   DWORD process_id() { return target_process_id_; }
 125
 126  private:
 127   // Initializes the data in the object. Sets is_init_ to tree if the
 128   // function succeeds. This is meant to be called from the constructor.
 129   void Init(JobLevel job_level, TokenLevel startup_token,
 130             TokenLevel main_token);
 131
 132   // The actual runner.
 133   int InternalRunTest(const wchar_t* command);
 134
 135   BrokerServices* broker_;
 136   TargetPolicy* policy_;
 137   DWORD timeout_;
 138   SboxTestsState state_;
 139   bool is_init_;
 140   bool is_async_;
 141   bool no_sandbox_;
 142   bool kill_on_destruction_;
 143   base::win::ScopedHandle target_process_;
 144   DWORD target_process_id_;
 145 };
 146
 147 // Returns the broker services.
 148 BrokerServices* GetBroker();
 149
 150 // Constructs a full path to a file inside the system32 (or syswow64) folder.
 151 std::wstring MakePathToSys(const wchar_t* name, bool is_obj_man_path);
 152
 153 // Runs the given test on the target process.
 154 int DispatchCall(int argc, wchar_t **argv);
 155
 156 }  // namespace sandbox
 157
 158 #endif  // SANDBOX_WIN_TESTS_COMMON_CONTROLLER_H_