1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef SANDBOX_WIN_SRC_SANDBOX_TYPES_H_ 6 #define SANDBOX_WIN_SRC_SANDBOX_TYPES_H_ 7 8 namespace sandbox { 9 10 // Operation result codes returned by the sandbox API. 11 enum ResultCode { 12 SBOX_ALL_OK = 0, 13 // Error is originating on the win32 layer. Call GetlastError() for more 14 // information. 15 SBOX_ERROR_GENERIC = 1, 16 // An invalid combination of parameters was given to the API. 17 SBOX_ERROR_BAD_PARAMS = 2, 18 // The desired operation is not supported at this time. 19 SBOX_ERROR_UNSUPPORTED = 3, 20 // The request requires more memory that allocated or available. 21 SBOX_ERROR_NO_SPACE = 4, 22 // The ipc service requested does not exist. 23 SBOX_ERROR_INVALID_IPC = 5, 24 // The ipc service did not complete. 25 SBOX_ERROR_FAILED_IPC = 6, 26 // The requested handle was not found. 27 SBOX_ERROR_NO_HANDLE = 7, 28 // This function was not expected to be called at this time. 29 SBOX_ERROR_UNEXPECTED_CALL = 8, 30 // WaitForAllTargets is already called. 31 SBOX_ERROR_WAIT_ALREADY_CALLED = 9, 32 // A channel error prevented DoCall from executing. 33 SBOX_ERROR_CHANNEL_ERROR = 10, 34 // Failed to create the alternate desktop. 35 SBOX_ERROR_CANNOT_CREATE_DESKTOP = 11, 36 // Failed to create the alternate window station. 37 SBOX_ERROR_CANNOT_CREATE_WINSTATION = 12, 38 // Failed to switch back to the interactive window station. 39 SBOX_ERROR_FAILED_TO_SWITCH_BACK_WINSTATION = 13, 40 // The supplied AppContainer is not valid. 41 SBOX_ERROR_INVALID_APP_CONTAINER = 14, 42 // The supplied capability is not valid. 43 SBOX_ERROR_INVALID_CAPABILITY = 15, 44 // There is a failure initializing the AppContainer. 45 SBOX_ERROR_CANNOT_INIT_APPCONTAINER = 16, 46 // Initializing or updating ProcThreadAttributes failed. 47 SBOX_ERROR_PROC_THREAD_ATTRIBUTES = 17, 48 // Error in creating process. 49 SBOX_ERROR_CREATE_PROCESS = 18, 50 // Placeholder for last item of the enum. 51 SBOX_ERROR_LAST 52 }; 53 54 // If the sandbox cannot create a secure environment for the target, the 55 // target will be forcibly terminated. These are the process exit codes. 56 enum TerminationCodes { 57 SBOX_FATAL_INTEGRITY = 7006, // Could not set the integrity level. 58 SBOX_FATAL_DROPTOKEN = 7007, // Could not lower the token. 59 SBOX_FATAL_FLUSHANDLES = 7008, // Failed to flush registry handles. 60 SBOX_FATAL_CACHEDISABLE = 7009, // Failed to forbid HCKU caching. 61 SBOX_FATAL_CLOSEHANDLES = 7010, // Failed to close pending handles. 62 SBOX_FATAL_MITIGATION = 7011, // Could not set the mitigation policy. 63 SBOX_FATAL_MEMORY_EXCEEDED = 7012, // Exceeded the job memory limit. 64 SBOX_FATAL_WARMUP = 7013, // Failed to warmup. 65 SBOX_FATAL_LAST 66 }; 67 68 class BrokerServices; 69 class TargetServices; 70 71 // Contains the pointer to a target or broker service. 72 struct SandboxInterfaceInfo { 73 BrokerServices* broker_services; 74 TargetServices* target_services; 75 }; 76 77 #if SANDBOX_EXPORTS 78 #define SANDBOX_INTERCEPT extern "C" __declspec(dllexport) 79 #else 80 #define SANDBOX_INTERCEPT extern "C" 81 #endif 82 83 enum InterceptionType { 84 INTERCEPTION_INVALID = 0, 85 INTERCEPTION_SERVICE_CALL, // Trampoline of an NT native call 86 INTERCEPTION_EAT, 87 INTERCEPTION_SIDESTEP, // Preamble patch 88 INTERCEPTION_SMART_SIDESTEP, // Preamble patch but bypass internal calls 89 INTERCEPTION_UNLOAD_MODULE, // Unload the module (don't patch) 90 INTERCEPTION_LAST // Placeholder for last item in the enumeration 91 }; 92 93 } // namespace sandbox 94 95 #endif // SANDBOX_WIN_SRC_SANDBOX_TYPES_H_ 96