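// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef SANDBOX_WIN_SRC_SANDBOX_TYPES_H_
#define SANDBOX_WIN_SRC_SANDBOX_TYPES_H_

namespace sandbox {

// Operation result codes returned by the sandbox API.
//
// Every code other than SBOX_ALL_OK names a failure. A caller that is setting
// up a sandboxed target should compare against SBOX_ALL_OK explicitly and must
// not continue as if the target were locked down when any other value comes
// back.
//
// The numeric values are spelled out explicitly; new codes belong immediately
// before SBOX_ERROR_LAST so that it stays one past the largest real code.
enum ResultCode {
  SBOX_ALL_OK = 0,
  // The error originates in the Win32 layer. Call GetLastError() for more
  // information.
  SBOX_ERROR_GENERIC = 1,
  // An invalid combination of parameters was given to the API.
  SBOX_ERROR_BAD_PARAMS = 2,
  // The desired operation is not supported at this time.
  SBOX_ERROR_UNSUPPORTED = 3,
  // The request requires more memory than allocated or available.
  SBOX_ERROR_NO_SPACE = 4,
  // The ipc service requested does not exist.
  SBOX_ERROR_INVALID_IPC = 5,
  // The ipc service did not complete.
  SBOX_ERROR_FAILED_IPC = 6,
  // The requested handle was not found.
  SBOX_ERROR_NO_HANDLE = 7,
  // This function was not expected to be called at this time.
  SBOX_ERROR_UNEXPECTED_CALL = 8,
  // WaitForAllTargets is already called.
  SBOX_ERROR_WAIT_ALREADY_CALLED = 9,
  // A channel error prevented DoCall from executing.
  SBOX_ERROR_CHANNEL_ERROR = 10,
  // Failed to create the alternate desktop.
  SBOX_ERROR_CANNOT_CREATE_DESKTOP = 11,
  // Failed to create the alternate window station.
  SBOX_ERROR_CANNOT_CREATE_WINSTATION = 12,
  // Failed to switch back to the interactive window station.
  SBOX_ERROR_FAILED_TO_SWITCH_BACK_WINSTATION = 13,
  // The supplied AppContainer is not valid.
  SBOX_ERROR_INVALID_APP_CONTAINER = 14,
  // The supplied capability is not valid.
  SBOX_ERROR_INVALID_CAPABILITY = 15,
  // There is a failure initializing the AppContainer.
  SBOX_ERROR_CANNOT_INIT_APPCONTAINER = 16,
  // Initializing or updating ProcThreadAttributes failed.
  SBOX_ERROR_PROC_THREAD_ATTRIBUTES = 17,
  // Placeholder for last item of the enum. Not a real result; it takes the
  // next implicit value (18) and must remain the final enumerator.
  SBOX_ERROR_LAST
};

// If the sandbox cannot create a secure environment for the target, the
// target will be forcibly terminated. These are the process exit codes.
//
// Each code names the lockdown step that failed, so one of these values
// showing up as a process exit code points at a sandbox setup failure rather
// than at a fault in the target's own code.
enum TerminationCodes {
  SBOX_FATAL_INTEGRITY = 7006,     // Could not set the integrity level.
  SBOX_FATAL_DROPTOKEN = 7007,     // Could not lower the token.
  SBOX_FATAL_FLUSHANDLES = 7008,   // Failed to flush registry handles.
  SBOX_FATAL_CACHEDISABLE = 7009,  // Failed to forbid HKCU caching.
  SBOX_FATAL_CLOSEHANDLES = 7010,  // Failed to close pending handles.
  SBOX_FATAL_MITIGATION = 7011,    // Could not set the mitigation policy.
  // One past the last real code (implicit value 7012); presumably an end
  // marker like SBOX_ERROR_LAST.
  SBOX_FATAL_LAST
};

class BrokerServices;
class TargetServices;

// Contains the pointer to a target or broker service.
//
// The struct declares no member initializers, so a default-initialized
// instance (for example an automatic variable declared without `= {}`) holds
// indeterminate pointers. Value-initialize it and null-check a member before
// dereferencing it.
// NOTE(review): which member is populated in which process, and who owns the
// pointed-to objects, is not visible in this header - confirm against the code
// that fills this struct in.
struct SandboxInterfaceInfo {
  BrokerServices* broker_services;
  TargetServices* target_services;
};

// SANDBOX_INTERCEPT declares a symbol with C linkage. When SANDBOX_EXPORTS is
// defined to a non-zero value the symbol is additionally exported from the
// DLL; an undefined SANDBOX_EXPORTS evaluates to 0 in #if and selects the
// non-exported form.
#if SANDBOX_EXPORTS
#define SANDBOX_INTERCEPT extern "C" __declspec(dllexport)
#else
#define SANDBOX_INTERCEPT extern "C"
#endif

// Kinds of interception. How each kind is applied is defined outside this
// header.
enum InterceptionType {
  // Zero value, so a zero-initialized InterceptionType reads as invalid
  // rather than as a real mechanism.
  INTERCEPTION_INVALID = 0,
  INTERCEPTION_SERVICE_CALL,    // Trampoline of an NT native call
  // NOTE(review): presumably export address table (EAT) patching - confirm.
  INTERCEPTION_EAT,
  INTERCEPTION_SIDESTEP,        // Preamble patch
  INTERCEPTION_SMART_SIDESTEP,  // Preamble patch but bypass internal calls
  INTERCEPTION_UNLOAD_MODULE,   // Unload the module (don't patch)
  INTERCEPTION_LAST             // Placeholder for last item in the enumeration
};

}  // namespace sandbox

#endif  // SANDBOX_WIN_SRC_SANDBOX_TYPES_H_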