1 // Copyright 2014 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "sandbox/mac/policy.h" 6 7 namespace sandbox { 8 9 Rule::Rule() 10 : result(POLICY_DECISION_INVALID), 11 substitute_port(MACH_PORT_NULL) { 12 } 13 14 Rule::Rule(PolicyDecision result) 15 : result(result), 16 substitute_port(MACH_PORT_NULL) { 17 } 18 19 Rule::Rule(mach_port_t override_port) 20 : result(POLICY_SUBSTITUTE_PORT), 21 substitute_port(override_port) { 22 } 23 24 BootstrapSandboxPolicy::BootstrapSandboxPolicy() 25 : default_rule(POLICY_DENY_ERROR) { 26 } 27 28 BootstrapSandboxPolicy::~BootstrapSandboxPolicy() {} 29 30 static bool IsRuleValid(const Rule& rule) { 31 if (!(rule.result > POLICY_DECISION_INVALID && 32 rule.result < POLICY_DECISION_LAST)) { 33 return false; 34 } 35 if (rule.result == POLICY_SUBSTITUTE_PORT) { 36 if (rule.substitute_port == MACH_PORT_NULL) 37 return false; 38 } else { 39 if (rule.substitute_port != MACH_PORT_NULL) 40 return false; 41 } 42 return true; 43 } 44 45 bool IsPolicyValid(const BootstrapSandboxPolicy& policy) { 46 if (!IsRuleValid(policy.default_rule)) 47 return false; 48 49 for (const auto& pair : policy.rules) { 50 if (!IsRuleValid(pair.second)) 51 return false; 52 } 53 return true; 54 } 55 56 } // namespace sandbox 57
