Permission message rules: Each rule must have >= 1 required permissions
[chromium-blink-merge.git] / sandbox / win / src / sandbox_types.h
blob3e531be4f4f0c383678fa2bd99c80ee6796ad5b9
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef SANDBOX_WIN_SRC_SANDBOX_TYPES_H_
6 #define SANDBOX_WIN_SRC_SANDBOX_TYPES_H_
8 namespace sandbox {
10 // Operation result codes returned by the sandbox API.
11 enum ResultCode {
12 SBOX_ALL_OK = 0,
13 // Error is originating on the win32 layer. Call GetlastError() for more
14 // information.
15 SBOX_ERROR_GENERIC = 1,
16 // An invalid combination of parameters was given to the API.
17 SBOX_ERROR_BAD_PARAMS = 2,
18 // The desired operation is not supported at this time.
19 SBOX_ERROR_UNSUPPORTED = 3,
20 // The request requires more memory that allocated or available.
21 SBOX_ERROR_NO_SPACE = 4,
22 // The ipc service requested does not exist.
23 SBOX_ERROR_INVALID_IPC = 5,
24 // The ipc service did not complete.
25 SBOX_ERROR_FAILED_IPC = 6,
26 // The requested handle was not found.
27 SBOX_ERROR_NO_HANDLE = 7,
28 // This function was not expected to be called at this time.
29 SBOX_ERROR_UNEXPECTED_CALL = 8,
30 // WaitForAllTargets is already called.
31 SBOX_ERROR_WAIT_ALREADY_CALLED = 9,
32 // A channel error prevented DoCall from executing.
33 SBOX_ERROR_CHANNEL_ERROR = 10,
34 // Failed to create the alternate desktop.
35 SBOX_ERROR_CANNOT_CREATE_DESKTOP = 11,
36 // Failed to create the alternate window station.
37 SBOX_ERROR_CANNOT_CREATE_WINSTATION = 12,
38 // Failed to switch back to the interactive window station.
39 SBOX_ERROR_FAILED_TO_SWITCH_BACK_WINSTATION = 13,
40 // The supplied AppContainer is not valid.
41 SBOX_ERROR_INVALID_APP_CONTAINER = 14,
42 // The supplied capability is not valid.
43 SBOX_ERROR_INVALID_CAPABILITY = 15,
44 // There is a failure initializing the AppContainer.
45 SBOX_ERROR_CANNOT_INIT_APPCONTAINER = 16,
46 // Initializing or updating ProcThreadAttributes failed.
47 SBOX_ERROR_PROC_THREAD_ATTRIBUTES = 17,
48 // Error in creating process.
49 SBOX_ERROR_CREATE_PROCESS = 18,
50 // Placeholder for last item of the enum.
51 SBOX_ERROR_LAST
54 // If the sandbox cannot create a secure environment for the target, the
55 // target will be forcibly terminated. These are the process exit codes.
56 enum TerminationCodes {
57 SBOX_FATAL_INTEGRITY = 7006, // Could not set the integrity level.
58 SBOX_FATAL_DROPTOKEN = 7007, // Could not lower the token.
59 SBOX_FATAL_FLUSHANDLES = 7008, // Failed to flush registry handles.
60 SBOX_FATAL_CACHEDISABLE = 7009, // Failed to forbid HCKU caching.
61 SBOX_FATAL_CLOSEHANDLES = 7010, // Failed to close pending handles.
62 SBOX_FATAL_MITIGATION = 7011, // Could not set the mitigation policy.
63 SBOX_FATAL_MEMORY_EXCEEDED = 7012, // Exceeded the job memory limit.
64 SBOX_FATAL_LAST
67 class BrokerServices;
68 class TargetServices;
70 // Contains the pointer to a target or broker service.
71 struct SandboxInterfaceInfo {
72 BrokerServices* broker_services;
73 TargetServices* target_services;
76 #if SANDBOX_EXPORTS
77 #define SANDBOX_INTERCEPT extern "C" __declspec(dllexport)
78 #else
79 #define SANDBOX_INTERCEPT extern "C"
80 #endif
82 enum InterceptionType {
83 INTERCEPTION_INVALID = 0,
84 INTERCEPTION_SERVICE_CALL, // Trampoline of an NT native call
85 INTERCEPTION_EAT,
86 INTERCEPTION_SIDESTEP, // Preamble patch
87 INTERCEPTION_SMART_SIDESTEP, // Preamble patch but bypass internal calls
88 INTERCEPTION_UNLOAD_MODULE, // Unload the module (don't patch)
89 INTERCEPTION_LAST // Placeholder for last item in the enumeration
92 } // namespace sandbox
94 #endif // SANDBOX_WIN_SRC_SANDBOX_TYPES_H_