• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "sandbox/mac/policy.h"
6 
7 namespace sandbox {
8 
Rule()9 Rule::Rule()
10     : result(POLICY_DECISION_INVALID),
11       substitute_port(MACH_PORT_NULL) {
12 }
13 
Rule(PolicyDecision result)14 Rule::Rule(PolicyDecision result)
15     : result(result),
16       substitute_port(MACH_PORT_NULL) {
17 }
18 
Rule(mach_port_t override_port)19 Rule::Rule(mach_port_t override_port)
20     : result(POLICY_SUBSTITUTE_PORT),
21       substitute_port(override_port) {
22 }
23 
BootstrapSandboxPolicy()24 BootstrapSandboxPolicy::BootstrapSandboxPolicy()
25     : default_rule(POLICY_DENY_ERROR) {
26 }
27 
~BootstrapSandboxPolicy()28 BootstrapSandboxPolicy::~BootstrapSandboxPolicy() {}
29 
IsRuleValid(const Rule & rule)30 static bool IsRuleValid(const Rule& rule) {
31   if (!(rule.result > POLICY_DECISION_INVALID &&
32         rule.result < POLICY_DECISION_LAST)) {
33     return false;
34   }
35   if (rule.result == POLICY_SUBSTITUTE_PORT) {
36     if (rule.substitute_port == MACH_PORT_NULL)
37       return false;
38   } else {
39     if (rule.substitute_port != MACH_PORT_NULL)
40       return false;
41   }
42   return true;
43 }
44 
IsPolicyValid(const BootstrapSandboxPolicy & policy)45 bool IsPolicyValid(const BootstrapSandboxPolicy& policy) {
46   if (!IsRuleValid(policy.default_rule))
47     return false;
48 
49   for (const auto& pair : policy.rules) {
50     if (!IsRuleValid(pair.second))
51       return false;
52   }
53   return true;
54 }
55 
56 }  // namespace sandbox
57