// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

// NOTE(review): identifiers containing a double underscore are reserved in
// C++, so this guard name is technically reserved to the implementation.
#ifndef SANDBOX_SRC_SYNC_POLICY_H__
#define SANDBOX_SRC_SYNC_POLICY_H__

#include <string>

#include "base/basictypes.h"
#include "sandbox/win/src/crosscall_server.h"
#include "sandbox/win/src/nt_internals.h"
#include "sandbox/win/src/policy_low_level.h"
#include "sandbox/win/src/sandbox_policy.h"

namespace sandbox {

// Forward declaration only; the enumerators are defined outside this header.
// NOTE(review): an opaque declaration of an unscoped enum with no fixed
// underlying type is a compiler extension rather than standard C++ - confirm
// every toolchain that builds this header accepts it.
enum EvalResult;

// This class centralizes most of the knowledge related to sync policy.
// Every member is static, so the class is used as a namespace for the rule
// generator and the two event actions and is never instantiated by this API.
class SyncPolicy {
 public:
  // Creates the required low-level policy rules to evaluate a high-level
  // policy rule for sync calls, in particular open or create actions.
  // name is the sync object name, semantics is the desired semantics for the
  // open or create and policy is the policy generator to which the rules are
  // going to be added.
  // Returns a bool; presumably true when the rules were added - the success
  // convention is not visible from this declaration.
  // NOTE(review): name presumably bounds which sync objects a sandboxed
  // target can have opened or created on its behalf, so callers should pass
  // the narrowest name that works. Whether wildcards are accepted in name
  // cannot be told from here - verify in the implementation.
  static bool GenerateRules(const wchar_t* name,
                            TargetPolicy::Semantics semantics,
                            LowLevelPolicy* policy);

  // Performs the desired policy action on a request.
  // client_info is the target process that is making the request and
  // eval_result is the desired policy action to accomplish.
  // event_name names the event; manual_reset and initial_state look like the
  // matching CreateEvent arguments - TODO confirm. handle is a non-const
  // pointer, presumably the output slot for the resulting event handle.
  // Returns a DWORD status; whether it is a Win32 error code or an NTSTATUS
  // is not visible from this header.
  // NOTE(review): event_name and the uint32 arguments presumably arrive from
  // the sandboxed target through the cross-call layer, so the implementation
  // should treat them as untrusted and act only when eval_result allows it.
  // Also confirm in which process the value written to handle is valid.
  static DWORD CreateEventAction(EvalResult eval_result,
                                 const ClientInfo& client_info,
                                 const std::wstring &event_name,
                                 uint32 manual_reset,
                                 uint32 initial_state,
                                 HANDLE *handle);

  // Counterpart of CreateEventAction for opening an existing event;
  // eval_result, client_info, event_name and handle have the same roles.
  // desired_access and inherit_handle look like the matching OpenEvent
  // arguments - TODO confirm.
  // NOTE(review): desired_access is presumably chosen by the requesting
  // target; verify that the implementation or the generated rules bound the
  // access mask that can be granted, and that inherit_handle cannot leak the
  // handle into processes the policy did not intend.
  static DWORD OpenEventAction(EvalResult eval_result,
                               const ClientInfo& client_info,
                               const std::wstring &event_name,
                               uint32 desired_access,
                               uint32 inherit_handle,
                               HANDLE *handle);
};

}  // namespace sandbox

#endif  // SANDBOX_SRC_SYNC_POLICY_H__