1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef SANDBOX_WIN_TESTS_COMMON_CONTROLLER_H_
6 #define SANDBOX_WIN_TESTS_COMMON_CONTROLLER_H_
11 #include "base/strings/string16.h"
12 #include "base/win/scoped_handle.h"
13 #include "sandbox/win/src/sandbox.h"
17 // See winerror.h for details.
18 #define SEVERITY_INFO_FLAGS 0x40000000
19 #define SEVERITY_ERROR_FLAGS 0xC0000000
20 #define CUSTOMER_CODE 0x20000000
21 #define SBOX_TESTS_FACILITY 0x05B10000
23 // All the possible error codes returned by the child process in
26 SBOX_TEST_FIRST_RESULT
= CUSTOMER_CODE
| SBOX_TESTS_FACILITY
,
29 SBOX_TEST_FIRST_INFO
= SBOX_TEST_FIRST_RESULT
| SEVERITY_INFO_FLAGS
,
30 SBOX_TEST_DENIED
, // Access was denied.
31 SBOX_TEST_NOT_FOUND
, // The resource was not found.
32 SBOX_TEST_FIRST_ERROR
= SBOX_TEST_FIRST_RESULT
| SEVERITY_ERROR_FLAGS
,
33 SBOX_TEST_SECOND_ERROR
,
34 SBOX_TEST_THIRD_ERROR
,
35 SBOX_TEST_FOURTH_ERROR
,
36 SBOX_TEST_FIFTH_ERROR
,
37 SBOX_TEST_SIXTH_ERROR
,
38 SBOX_TEST_SEVENTH_ERROR
,
39 SBOX_TEST_INVALID_PARAMETER
,
40 SBOX_TEST_FAILED_TO_RUN_TEST
,
41 SBOX_TEST_FAILED_TO_EXECUTE_COMMAND
,
47 inline bool IsSboxTestsResult(SboxTestResult result
) {
48 unsigned int code
= static_cast<unsigned int>(result
);
49 unsigned int first
= static_cast<unsigned int>(SBOX_TEST_FIRST_RESULT
);
50 unsigned int last
= static_cast<unsigned int>(SBOX_TEST_LAST_RESULT
);
51 return (code
> first
) && (code
< last
);
63 #define SBOX_TESTS_API __declspec(dllexport)
64 #define SBOX_TESTS_COMMAND extern "C" SBOX_TESTS_API
67 typedef int (*CommandFunction
)(int argc
, wchar_t **argv
);
70 // Class to facilitate the launch of a test inside the sandbox.
73 TestRunner(JobLevel job_level
, TokenLevel startup_token
,
74 TokenLevel main_token
);
80 // Adds a rule to the policy. The parameters are the same as the AddRule
81 // function in the sandbox.
82 bool AddRule(TargetPolicy::SubSystem subsystem
,
83 TargetPolicy::Semantics semantics
,
84 const wchar_t* pattern
);
86 // Adds a filesystem rules with the path of a file in system32. The function
87 // appends "pattern" to "system32" and then call AddRule. Return true if the
89 bool AddRuleSys32(TargetPolicy::Semantics semantics
, const wchar_t* pattern
);
91 // Adds a filesystem rules to the policy. Returns true if the functions
93 bool AddFsRule(TargetPolicy::Semantics semantics
, const wchar_t* pattern
);
95 // Starts a child process in the sandbox and ask it to run |command|. Returns
96 // a SboxTestResult. By default, the test runs AFTER_REVERT.
97 int RunTest(const wchar_t* command
);
99 // Sets the timeout value for the child to run the command and return.
100 void SetTimeout(DWORD timeout_ms
);
102 // Sets TestRunner to return without waiting for the process to exit.
103 void SetAsynchronous(bool is_async
) { is_async_
= is_async
; }
105 // Sets TestRunner to return without waiting for the process to exit.
106 void SetUnsandboxed(bool is_no_sandbox
) { no_sandbox_
= is_no_sandbox
; }
108 // Sets the desired state for the test to run.
109 void SetTestState(SboxTestsState desired_state
);
111 // Sets a flag whether the process should be killed when the TestRunner is
113 void SetKillOnDestruction(bool value
) { kill_on_destruction_
= value
; }
115 // Returns the pointers to the policy object. It can be used to modify
116 // the policy manually.
117 TargetPolicy
* GetPolicy();
119 BrokerServices
* broker() { return broker_
; }
121 // Returns the process handle for an asynchronous test.
122 HANDLE
process() { return target_process_
.Get(); }
124 // Returns the process ID for an asynchronous test.
125 DWORD
process_id() { return target_process_id_
; }
128 // Initializes the data in the object. Sets is_init_ to tree if the
129 // function succeeds. This is meant to be called from the constructor.
130 void Init(JobLevel job_level
, TokenLevel startup_token
,
131 TokenLevel main_token
);
133 // The actual runner.
134 int InternalRunTest(const wchar_t* command
);
136 BrokerServices
* broker_
;
137 TargetPolicy
* policy_
;
139 SboxTestsState state_
;
143 bool kill_on_destruction_
;
144 base::win::ScopedHandle target_process_
;
145 DWORD target_process_id_
;
148 // Returns the broker services.
149 BrokerServices
* GetBroker();
151 // Constructs a full path to a file inside the system32 (or syswow64) folder.
152 base::string16
MakePathToSys(const wchar_t* name
, bool is_obj_man_path
);
154 // Runs the given test on the target process.
155 int DispatchCall(int argc
, wchar_t **argv
);
157 } // namespace sandbox
159 #endif // SANDBOX_WIN_TESTS_COMMON_CONTROLLER_H_