Permission message rules: Each rule must have >= 1 required permissions
[chromium-blink-merge.git] / sandbox / win / src / process_mitigations_win32k_dispatcher.cc
blobe426084f861abdd9387d5578187365ff17720fad
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "sandbox/win/src/process_mitigations_win32k_dispatcher.h"
6 #include "sandbox/win/src/interception.h"
7 #include "sandbox/win/src/interceptors.h"
8 #include "sandbox/win/src/ipc_tags.h"
9 #include "sandbox/win/src/process_mitigations_win32k_interception.h"
11 namespace sandbox {
13 ProcessMitigationsWin32KDispatcher::ProcessMitigationsWin32KDispatcher(
14 PolicyBase* policy_base)
15 : policy_base_(policy_base) {
18 bool ProcessMitigationsWin32KDispatcher::SetupService(
19 InterceptionManager* manager, int service) {
20 if (!(policy_base_->GetProcessMitigations() &
21 sandbox::MITIGATION_WIN32K_DISABLE)) {
22 return false;
25 switch (service) {
26 case IPC_GDI_GDIDLLINITIALIZE_TAG: {
27 if (!INTERCEPT_EAT(manager, L"gdi32.dll", GdiDllInitialize,
28 GDIINITIALIZE_ID, 12)) {
29 return false;
31 return true;
34 case IPC_GDI_GETSTOCKOBJECT_TAG: {
35 if (!INTERCEPT_EAT(manager, L"gdi32.dll", GetStockObject,
36 GETSTOCKOBJECT_ID, 8)) {
37 return false;
39 return true;
42 case IPC_USER_REGISTERCLASSW_TAG: {
43 if (!INTERCEPT_EAT(manager, L"user32.dll", RegisterClassW,
44 REGISTERCLASSW_ID, 8)) {
45 return false;
47 return true;
50 default:
51 break;
53 return false;
56 } // namespace sandbox